Virtualized lab environment for Symantec

I need a solution

Hi All,

To practice more and be ready for POCs tasks and other technical sales activities I need to build virtual lab for my own for all Symantec Products which I handle in my comapny.

Please in this post, I humbly request you to drop all the virtual lab resources from VMware workstation images and lab guides if you have.

1) for ProxySG and CAS

2) SSL visibility and Security Analytics

3) DLP

4) SEP

I am very appreciated to any body can contribute in any component of the virtual lab and even the smallest things that can be shared will be useful and very thankful.

Thanks & Regards



  • No Related Posts

Auto Remediation

I need a solution

Does Symantec Endpoint ATP will auto remediate a system when a suspicious activity or file is found on the machine or when a file is detected malicious by Cynic sandbox.

Will the system get remediate automatically? or the system will get isolated automatically?

If these featyures are not there, will they come in next releases?



  • No Related Posts

7018164: Enabling eDirectory’s event caching: Journal Event Caching vs. XDAS caching

eDirectory has two event caching mechanisms. Each is separate and helps solve one of the challenges outlined above.

Journal Event Cache

Description: this cache applies to ALL journal events: ndstrace, XDAS, NAudit, IDM events, etc. A location on disk can be set to store cached events. This location will be used rather than memory when the number being created becomes greater than the number that can be processed. This cache resides in the NDSD event system and is at a lower layer than the XDAS cache.

Pros: this helps reduce NDSD’s memory footprint by storing those events not yet processed to disk instead.

Cons: consumes additional disk space but compression lowers this requirement. It can also be slower to process the events since they must first be written to then retrieved from disk rather than memory.

Configuration: this cache’s settings are controlled via environment variables set in the ndsd script.


Enables the Journal Event Cache.


Sets the cache directory. Optional, default for Linux is /var/opt/novell/eDirectory/data/ and the dib directory for Windows.
As these are environment variables these are set in the following locations:
init.d: /opt/novell/eDirectory/sbin/pre_ndsd_start
systemd: /etc/opt/novell/eDirectory/conf/env

– There is no Journal Event cache setting for specifying the size. The Journal cache will use file sizes of 4MB or less while implementing its own compression upon them.

XDAS Cache

Description: The cache is implemented in the xadauditds layer and is ONLY used when:

1. XDAS specific events are ready to be sent to a remote auditing server.


2. The remote server cannot be reached.

Pros: Prevents the loss of audit event information when a remote audit server cannot be contacted. This cache is only used when required. The events are released once the remote server’s connection is reestablished.

Cons: other than some additional disk space used, none since it is only used if there is a problem.

Configuration: this cache’s settings are controlled via variables set in the file.

– log4j.appender.S.CacheEnabled

Enables the XDAS Cache for storing XDAS events locally.

– log4j.appender.S.CacheDir

Optionally specifies the directory to use (/var/opt/novell/eDirectory)


Specifies the maximum file size. Values can be from 50MB to 4GB. The default is 512MB.

These cachemethodscan be used together. Consider the following scenario.

a. An XDAS audit event for a login is thrown but its reporting to the consumer is delayed behind other earlier events. The event gets written to the Journal Event Cache.

b. The Journal thread comes along and releases this event from the Journal Cache.

c. The configured remote audit server cannot be contacted. The event goes into the XDAS Cache.

d. The remote server is brought online again. The event is released from the XDAS cache and sent to a remote syslog appender.

More information can be found in the eDirectory Admin Guide found here:


  • No Related Posts

A Hitchhiker’s Guide to Deploying Hyperledger Fabric on Kubernetes

Deploying a multi-component system like Hyperledger Fabric to production is challenging. Join us Wednesday, September 26, 2018 9:00 a.m. Pacific for an introductory webinar, presented by Alejandro (Sasha) Vicente Grabovetsky and Nicola Paoli of AID:Tech.

Why should you care?

Hyperledger Fabric is rather awesome, but deploying a distributed network has been known to give headaches and even migraines. In this talk, we will not be providing you with a guillotine that forever gets rid of these headaches, but instead we will talk you through some tools that can help you deploy a functioning, production-ready Hyperledger Fabric network on a Kubernetes cluster.

Who should attend?

Ideally, you are a Dev, an Ops or a DevOps interested in learning more about how to deploy Hyperledger Fabric to Kubernetes.

You might know a little bit about Hyperledger Fabric and about Docker containers and Kubernetes. We assume limited knowledge and will do our best to as possible and explain and demystify all the components along the way.

Read more at The Linux Foundation


  • No Related Posts