You design your system
For better be your antivirus, two problems occur frequently: Lack of update. Inefficiency to block changes in the registry keys or writing to the system folder. For malware to install itself on the system successfully it needs basically two things, run and allowed to spread. Many users do not know, but as an administrative user, you have the power to destroy your system if you wish, as well as install whatever you want on it. When working on a computer as an administrative user, everything the user does is run with administrative powers and as such, you can modify any part of the operating system. hugs449Views2likes0CommentsPhrases that scare security professionals
Given the findings of some practices and routines, it is easy to know what the problems are with the security companies. It is your case? The scenes are classic. A child with chocolate smeared shirt says, categorically: "It was not me." Or the phone rings and mother assures you, "There's nothing to worry about." Or a systems administrator who carries a box of tapes back up guarantees: "Within minutes, all information will be retrieved." In some cases, the first words you hear - despite the distance between them and the truth - are enough to tell you everything you need to know. In some cases, the first words you hear - despite the distance between Them and the truth - are enough to tell you everything you need to know. The same applies to the world of information security. The same applies to the world of information security. Some words sound reassuring, but we know they often point out problems of internal security, technical resources or the people and processes involved in the protection systems. Get to know some of the phrases "revealing secrets" that signal the imminence of problems in security. One. One We have a culture of safety We have a culture of safety "No, you do not have" is the immediate response of the professionals. "No, you have not's" is the immediate response of the professionals. Even if only mentally. Even if only mentally. This is the kind of phrase that comes from companies that started with five people - in the traditional family business model - and, as they grew, a snap themselves operating with thousands of people without governance or policies. This is the kind of phrase That comes from companies That started with five people - in the traditional family business model - and, As They grew to snap Themselves Thousands of people operating with or without governance policies. Some exchanged and its "safety culture" are enough to buy a good espresso in a quiet corner allowing look to the horizon and find out how much work lies ahead. Some Exchanged and its "safety culture" are enough to buy a good espresso in a quiet corner Allowing look to the horizon and find out how much work lies ahead. The simple fact is that without support guidelines or feedback mechanisms (feedback), security is defined differently by each and is not verified by anyone. The simple fact is without support guidelines That common mechanisms or feedback (feedback), security is defined differently by each and is not verified by anyone. There are no metrics for compliance with the "culture" and a "safety culture" is hidden by a practice of "do your job". If there are rules, write them down. If there are rules, write down Them. If technology is put into action to implement or monitor the rules, write that down too. If technology is put into action to Implement or monitor the rules, write down That too. If people break the rules, comply with what was agreed. If the rules undermine the legitimacy of the business when completed, change them. 2nd. 2nd. IT security is information security IT security is the security of information Information security is not the same thing in the information technology security. If the term "information security" is used in the same way that "IT security", it invariably means that nobody has taken decisions not primarily security techniques that affect departments - IT, human resources, legal, audit and perhaps others in the organization. Join those who have influence in the departments listed above and decide whether information (not paper documents or equipment) is an asset of the company, such as computers and desks. Decide whether the company authorizes people to do jobs, logical and physical access to information as individuals. Decides Whether the company authorizes people to the jobs, logical and physical access to the information Individuals. Take these policies in group decisions. Take these policies in group decisions. Then maybe there will be more time to decide "how to" manage security - rather than trying to guess ... 3rd. 3rd. This does not apply to the chief This does not apply to the chief Although this is becoming less of an issue in public, occasionally an executive simply refuses to follow security guidelines that he himself approved. Although this is less of an issue Becoming in public, occasionally an executive simply Refuses to follow security guidelines That he himself approved. Unless you are prepared to meticulously document all "escapades" following the model of forensics and then deliver them to the directors or the police (or just quit), be prepared to work around the situation. Most bad apples can be managed by applying the Machiavellian sense of having influence the relationship of the other: they must at least pretend to lead by example, while continuing to do whatever they do behind closed doors. Few will admit it, but many Organizations simply put in the budget and install a DSL line access to "guests" in the halls of top executives and Their Eyes close to anything that is plugged into That line. This is not a desirable solution, but if you still solve these executives sign the documents required by Sarbanes-Oxley, the rest comes from the ability to deny knowledge of security professionals. 4th. 4th. Our department gets information security IT staff Our department gets information security IT staff Titles do not matter. Titles of not matter. A report by a security expert at the IT director is always a security administrator, even if that person has the job of information security officer. The problem is that in the corporate world the word "officer" usually means that professional has the authority to verify and monitor whether all the techniques and processes that control proprietary information are efficient. An IT security administrator is usually involved in designing technical control and therefore can not be "self-audit" and make sure that IT is doing the right thing, particularly if it relates to someone within IT. The security professional with the position of "officer" should always report the same level or higher as the IT director. The security professional with the position of "officer" should always report the same level or higher to the IT director. 5th. 5th. We have a password policy We have a password policy Speaking directly, a document that specifies the size, shape and complexity of a password is a technical standard or procedure, not a policy. Speaking directly, the document that specifies the size, shape and complexity of the password is a technical standard or procedure, not a policy. Politics is a directory for directing business, something like "individuals must be identified uniquely and authenticated priority to have the condition to access the company's assets." Politics is a business directory for directing, something like "Individuals must be authenticated and uniquely Identified priority to have the condition to access the company's assets." Note that this example policy involves "what" to do about people and access, not "how" to construct a sequence of character types. 6th. 6th. Our executives have copies of all passwords Our executives have copies of all passwords Although the idea to make a young student faint, ex ist indeed managers who demand that their direct employees to disclose their individual passwords. Although the idea to make the faint young student, ex ist indeed managers who demand That Their direct employees to Disclose Their individual passwords. The explanation for this is always: "What if someone is fired or sick? How could we find your documents?." When this happens, the only effective strategy is to tell anyone who asks such a thing: "If you do, then you are a suspect in any negative situation that arises. When this happens, the only effective strategy is to tell anyone who ASKs such a thing: " You'll never be Able to fire anybody because you will Also be a suspect. "Or you can always summarize it all in a simple:" Grow friend. " 7th. 7th. The brand is our standard I have nothing against the major hardware vendors in the market, but when the personal shopping company says: "Our standard is Dell" (or any other brand), what they are really saying is: "We play our standards security out the window in exchange for discounts and now we buy whatever the vendor offers. " I have nothing against the major hardware vendors in the market, but When the personal shopping company says: "Our standard is Dell" (or any other brand), What They are really saying is: "We play our security standards out the window in exchange for discounts and now we buy whatever the vendor offers. "It's the equivalent of shopping that her great-aunt in a store with inflated prices, getting happy because" a product is discounted 75%. " It's the equivalent of shopping That her great-aunt in the store with inflated prices, getting happy because "the product is discounted 75%." The point is, that both her great-aunt when IT people in the real world have other decisions to make and are commodity PCs. The point is, that her great-aunt ambos When IT people in the real world have other Decisions to make and are commodity PCs are all sure to choose the product from a vendor and maintain applications with it for a while. It's all right to choose the product from the vendor and Maintain applications with it for a while. But a manufacturer is not a technical standard and there is a problem in that mix if anyone does their homework. But the manufacturer is not a technical standard and there is a problem in That mix if anyone does Their homework. When a manufacturer makes changes in line or software product - especially when that part of an equipment manufacturer and network security such as Cisco Systems - it is important to have clearly defined functional requirements to assess whether the products still work as desired. When the customers not know what They want, any bargain Seems to be what you need. 8th. 8th. Hey, where did that come from? It is conceivable that those highly technical users should organize their own equipment as well as support them. On the other hand, this means that the area of IT and support personnel were knocked out by hardware manufacturers that provide only an 0800 number that never works. Security policies must be present everywhere, including the bathrooms attached to the wall behind the toilet paper of an organization. Security policy in the company can be exposed Also next to the bathroom towels. The important thing is to be clear and known to all. Solving this problem is a fundamental respect. Solving this problem is a fundamental respect. Start with the basic governance and making it clear that there are rules, with much effort and communication, this will at least make the "safety culture" a settled matter. 9th. 9th. We ship to the firewall rules ... Most network administrators cowers with the words mentioned above. Still, many will still send free email with a copy of the firewall rules. Worse, they have an OEM or a freelance consultant who set up the firewall for them and retain the single copy of the rules. These rules, if they present complexity, provide a detailed map of the security scheme of the company, with important information about the identity of internal networks and services and how to make them a target. No serious security professional would date a copy of the firewall rules of someone without a specific requirement to do so. A competent auditor of information systems certificate or other auditor will review firewall rules directly into the system administrator and can not take. The Competent auditor of information systems certificate or other auditor will review firewall rules Directly into the system administrator and can not take. If you see a copy of your corporate firewall rules put in an audit report, especially an audience, get ready to redo the design of IP ... and call their lawyers. Their lawyers and call.Solved1.3KViews2likes6CommentsDuplicate to tape "Rule Blocked"
I setup my 3600 to backup a server full / Incrim for a few months just to dedupe locally now a tape is being required so I installed a quantum ulta 5 half height tape library. (no updates available on the 3600 I am on 2012 SP4 with all the latest hotfix's) Ensured it is on the latest FW, did a full diagnostic via quantums propriertery software, ensured the hba was also on its latest firmware/driver ( I did this after when troubleshooting). Connected the tape drive and installed it via adding a tape drive in storage and used the symantec drivers. I then proceeded to modify the rule for the server I am backing up to dupelicate to tape and with all backups selected, then with most recent full backup to which I got a running job then back to scheduled with nothing else I tried a one off backup job and it worked.... I then created a new job with the same settings and deleted the old job I now get a rule blocked. I then proceeded to disable/hold every other job and clean out every old job, recoverys etc.... and tried it again still rule blocked I then changed the full backup to yearly removed inc and the tape to yearly and set it 6 months apart still rule blocked. to note I am trying to backup lotus DB only not exchange and I only have 2GB lleft on dedupe/disks I am at my 500gb reserve, so no new disk backups can occur I have also disabled all error handling rules and enabled logging to the maximum and couldnt see anything to which it was referring to ? any ideas as I am going out of my mind on thisSolved1.3KViews1like4CommentsAppliance WebUI does not display information
Hello We are using BE3600R2 and whenever we using WebUI we are unable to find details related to Disk Raid Battery It says No disk No Raid and No battery. Please find the attached screenshot for more information. Thank you in advanceSolved912Views1like3CommentsBackup Exec appliance 3600 server Lockup/Freeze
Hello, I am having an issue with backup exec for a while and no one has been able to help me yet with it. Our media server keep locking 3-4times a week, when that does occurs: - Can't remote in using the remote application shortcut - Can't remote in using power shell - We receive no more email - Can't connect on the appliance webpage to launch a reboot - On the console, i can move the mouse, but can't do a CTRL+ALT+DEL it is froze up there.. - When i reboot the server, there's no evenid beetween the time it has froze up and the reboot time - I had this issue with Backup Exec 2012 SP4, i upgraded last week to Backup Exec 2014 and it still happening 3-4x times a week - It does occurs while jobs are running, but thats all i know The only thing that fix the problem is to hard reset the server, and it is fixed until 1-2days later it lockup again I opened a case with Symantec: CaseID: 07348134 I am scratching my head over this for months, please help me out with this!!! thanks1KViews1like5CommentsProblem with TECH215556
Hi all i'm having a problem as described in http://www.symantec.com/docs/TECH215556 There's anyway something not so clear to me in the solution, maybe i't just me being dumb.... Make a note of the file names located in \Program Files\Symantec\Backup Exec\VMware\VixDiskLib\bin Stop the Backup Exec services on the media server Remove any of the file names noted in Step 1 from \Program Files\Symantec\Backup Exec Restart the Backup Exec services and rerun AVVI backup job If i am not wrong i must stop all services, wipe the files into path and restart services, but doesn't make 100% sense to me....english is not my native language so maybe i an not getting it :-\ Any hint? Thanks in advance!Solved649Views1like7CommentsBacking up VM from Vcenter
Hi All, I am trying to backup virtual machine via Vcenter but getting the following errors. Could someone help me ? Backup- VMVCB::\\server.ABC.lan\VCGuestVm\(DC)ABC(DC)\vm\Support-work.ABC.lanV-79-57344-38277 - Unable to open a disk of the virtual machine. VixDiskLib_Open() reported the error: You do not have access rights to this file Exceptions Click an exception below to locate it in the job log Backup- VMVCB::\\server.abc.lan\VCGuestVm\(DC)ABC(DC)\vm\Support-work.abc.lanV-79-57344-38727 - Backup Exec failed to collect the necessary metadata for virtual machine '\(DC)ABC(DC)\vm\Support-work.ABC.lan' to restore individual application items. You cannot perform GRT-enabled restores of application data from this backup. RegardsSolved1.4KViews1like6CommentsExchangee 2013 SP1 Backup with EXEC 2014 Appliance error.
Hi There, I've issue in Backup Exchange with EXEC 2014 Appliance 3600 ad below detailes (sorry for long) Exchange Version: Enterprise 2013 SP1 BN: Version 15.0 (Build 847.32) EXEC: Appliance 3600 2014 installed on 2008 R2 We have 4 hosts clustered windows server 2012 R2. Hyper-V cluster with one CSV. On top of that (CSV)we have: MailBox1: OS as VHD 2 LUNs Directly Attached to SAN 1 for (DB1+logs) , 1 for (DB2+logs) MailBox2: OS as VHD 2 LUNs Directly Attached to SAN 1 for (DB1+logs) , 1 for (DB2+logs) CAS1: NLB CAS2: NLB Backup Exec 2014 appliance for backing up all servers, We have 2 backup tasks one for Hyper-V hosts (backup Vm’s), and second for backup up exchange DAG. We are facing issue in DAG job that in the middle of task one of the mailbox servers freeze and stop responding the following: Backup exec agent lose the connection. But server is available on the hyper-V console with limited connection status on network icon. However in that time server stop responding for any network traffic (RDP, Ping, ETC) for 2-3 hours then it back to live again or once we do manual live migration for one of the hosted VM’s on the same host as the failed mailbox server it comes a live instantly. In that time server goes down (Mailbox2) some errors in event viewer. Mailbox-02 errors with screenshots are uploaded here Alos i'm opening ticket with Microsoft regarding that issue. buturgent for me so i came here :) Also Symantec EXEC job status fail with the attached log. Exchange DAG backup failed job report. here : http://1drv.ms/1owPiRe Thanks in advance959Views1like6Comments