Is it possible to block USB device through Device ID in SCSP. also using SCSP how we can we protect endpoint from virus in Legacy OS .
Thanks in advance.
Doing a test with a Web prevent only the page dlptest.com and fastmail.com pass from bluecoat proxy to web prevent server with a simple keywords rules and no incidents are create,
Via wireshark i have this error:
But if add the domain live.com in bluecoat , this mach with a keywors an generate a incident ,
My question is, if possible to view with wireshark the keywords ? I’m looking at http 200 OK events
I’m in the process of setting up my production SEPM 14 infrastructure, and when requesting a new back-end SQL DB, I received push back from our DBA’s asking what “exactly” the installer was doing that required SA access.
Before I put in a support case to ask this question, I was hoping someone in the forum could offer some insight…or point me toward a document that would have this information.
From what our DBA told me, some vendors make configuration changes to the server that could affect other databases that share the same server. His goal is to understand what the SEPM 14 installer is doing to prevent this from happening.
Thanks for any thoughts,
a lot of customers are complaining that they can’t sed email to specific domains.
These domains are using your appliance as anti-spam
My MX servers are perfectly clean on every RBL or health check (mxtoolbox and dnsstuff.com).
I made a lot of queries of our subnet and i found that all of my IP address have a negative reputation!
“The host has been observed sending spam in a format that is similar . to snow shoe spamming techniques.”
How’s that possible? 90% of them are not even in use. The ip that we are talking is: 188.8.131.52.
I would like to resolve this problem ASAP because as a Service
Provider we are receiving a lots of complaints from multiple
We have several clients on our network that do not display in the SEPM client status section. I’ve looked at all groups (Default, Workstations, etc.) but there are at least a dozen clients out of about 100 that do not show up anywhere. The clients show current “last connected” times in the Troubleshooting menu and are attaching to the proper server with up-to-date definitions. The only difference I’ve noticed is that the working clients connect to the server IP on the Troubleshooting menu, while the server hostname is listed on the machines that do not work. That may be a coincidence as I can still ping the hostname from the client.
The problem is on Windows 7 and Windows 10 clients, some with v12 and some with v14.
I haven’t gone through all of the steps in the following url yet – thought I’d see if there was an easy fix in the forum first! https://support.symantec.com/en_US/article.TECH160964.html
We are local government agency with 10,000+ endpoints. Most have DLP 12.5 on mostly Windows 7 systems.
What are your experiences/pitfalls/lessons learned from upgrading from 12.5 to 14 to 14.6
Unlike upgrading Symantec AV Management Console, DLP has lots of moving parts.
Even running Cleanwipe on a machine is stringent (must use exact version of cleanwipe on exact version of DLP installed)
There is simply no room for error in this upgrade
Our Symantec Tech keeps saying over and over he upgraded many people from 12.5 to 14.6, but says he is not allowed to give contact info of people he upgraded!
Based on management and past employees I developed visual plan.
See attachment and comment.
please help me to understand how I can submit suspicious a big files > 100MB to Symantec Security Response.
In online submission form https://submit.symantec.com/websubmit/retail.cgi I set File Submission or URL submission but – “File found at the URL is over size limit (20MB)”.
After Petya ransomware outbreak my customer wants to check all the files of external developers in SR using a direct link to the application.
Running currently DCS 6.6MP1 with seperate UMC virtual appliance. Has anyone upgraded to 6.7MP1 from 6.6Mp1? Any issues, workarounds etc…
Also what complete files would be required for rollback and backup of 6.6Mp1?
I have the upgrade steps from the 6.7MP1 documentation, but looking for a graphical installation guide/video for upgrading from DCS 6.6Mp1 to 6.7?
I do have all documentation for 6.7MP1 and the installation guide/video for 6.7MP1.
Any assistance will be useful as we need to upgrade to 6.7Mp1 asap.