Quantcast
Channel: Symantec Connect - Products - Discussions
Viewing all 310 articles
Browse latest View live

What’s new in CCS SCU 2017-3

February 12, 2018, 10:58 pm
$
0
0
Non, je n'ai pas besoin d'une solution (je partage des informations seulement)

Symantec CCS SCU 2017-3: New Updates and Significant Enhancements

  1. Content Updates

As a Compliance Officer, I want to use Security Best Practices Standards and CIS Benchmarks to perform security configuration assessment, policy compliance, and regulatory compliance on various platforms, databases, and applications using CCS 11.x & 12.0.

  • New Standards
    • CIS Benchmark for Oracle MYSQL Enterprise Edition 5.6 v1.1.0 (On Unix)
    • CIS Benchmark for Oracle MYSQL Enterprise Edition 5.7 v1.0.0 (On Unix)
    • CIS Benchmark for Microsoft Windows Server 2016 v1.0
    • CIS Benchmark for Amazon Linux v2.0.0
    • CIS Benchmark for Oracle Linux 7 v2.0.0
    • CIS Benchmark for CentOS Linux 7 v2.0.1
    • CIS Benchmark for Microsoft IIS 8.0 v1.5.0
    • CIS Benchmark for Microsoft IIS 8.5 v1.5.0
  • Security Essential Standards in Standard Manager
    • Security Essentials for JBOSS EAP 6.3
    • Security Essentials for Apple OSX 10.12
    • Security Essentials for Kubernetes 1.8
    • Security Essentials for Debian Linux 8.x and 9.x
    • Security Essentials for Check Point Firewall R80.10
    • Security Essentials for Fortinet Fortigate Firewall v5.6
    • Security Essentials for Apache Hadoop 2.9
    • Security Essentials for AIX 7.2
    • Security Essentials for Oracle MySQL Enterprise Edition 5.6 (On Windows)
    • Security Essentials for Oracle MySQL Enterprise Edition 5.7 (On Windows)
  • Regulator Frameworks/Mandates
    • Update to General Data Protection Regulation (GDPR) as per Symantec Legal Guidelines.
    • CIS Critical Security Controls for Effective Cyber Defense Ver 6.1 (CIS Top 20 Mandate)
  1. Oracle agent credential management for Unix platform
    • As a IT Operations User, I want the capability to manage Oracle credentials on agent side for Unix platform while scanning CCS Oracle agent bases assets.
  1. MySQL Platform Support
    • As a IT Operations User, I want to the ability to collect data from MySQL 5.6/5.7 databases deployed on Unix/Windows platforms so that I can assess the security configuration.
  1. Other Changes in SCU 2017-3
    • Support for the diffie-hellman-group-exchange-sha256 key exchange algorithm and the hmac-sha2-256 MAC algorithm.
    • Support for Superseding patch field in “Installed Software Features”.
    • Windows data collection support in Active Directory (AD) environment with Windows 2016 Functional Levels.
    • Added Questionnaire to Control Compliance Suite Assessment Manager (CCS AM) corresponding to mandate CIS Critical Security Controls for Effective Cyber Defense Ver 6.1 (CIS Top 20 Mandate) in CCS AM content update.
    • Marked following standards as deprecated considering platform reached its extended end of life date from vendors or CCS has new standard corresponding to the latest CIS benchmark version
      • Security Essentials for CentOS 7.x
      • Security Essentials for Windows 2016
      • Security Essentials for Microsoft IIS 8.0 and 8.5

You can visit following link for What’s New in the SCU 2017-3 release

http://www.symantec.com/avcenter/security/CCS/scu/2018.01.30/CCS_12/SCU_2017-3_Release_Notes.pdf

Download Location(s):

SCU 2017-3 is available via Enterprise support site.  SCU 2017-3 package is also available via Live Update as well.

SCU 2017-3

https://www.symantec.com/security_response/securityupdates/list.jsp?fid=ccs&pvid=scu

SCU for CCS AM 11.x

https://www.symantec.com/security_response/securityupdates/list.jsp?fid=ccsam&pvid=ccsam_scu

Agent Download(s)

https://www.symantec.com/security_response/securityupdates/list.jsp?fid=ccs&pvid=pgu&year=2017

Security Updates

https://www.symantec.com/security_response/securityupdates/list.jsp?fid=ccs

0
Search

What’s new in CCS PU 12.0.1

February 12, 2018, 11:14 pm
$
0
0
Non, je n'ai pas besoin d'une solution (je partage des informations seulement)

Symantec Control Compliance Suite 12.0.1: New Capabilities and Significant Enhancements

  1. General Data Protection Regulation (GDPR) Report and Dashboard
    • Flattened GDPR mandate hierarchy (Needs SCU 2017-3)
      • As a Compliance officer, I want to have GDPR mandate to be shown in flat hierarchy.
    • Support for Business Asset
      • As an Information Security User, I want to have capability to group asset as Business Objects and perform various operations on them.
      • To leverage this capability, Customer needs to install hotfix 10102 available on CCS AM 11.1.1.
    • New GDPR reports on Business Asset
      • As a Compliance officer, I want to view GDPR reports on Business Asset. 
    • New GDPR Dashboard
      • As a Compliance Officer, I want to view compliance score of the eco system for GDPR at one place in form of Dashboard.
  2. Feedback incorporation for Modern User Interface (UI) received on CCS 12.0 and Defect fixes
    • New Home Page
      • As the Information Security User, I want Symantec Control Compliance Suite to provide me quick information/health for the eco system along with frequently used links, License Usage and Feature usage on the CCS homepage.
    • Other UI Enhancements as per the feedback received
      • More data/records are displayed in Jobs workspace.
      • You can now collapse the steps view in CER wizard step catalog which provide more space in hierarchy expansion and selection.
      • More space is also available in Asset Select step in the CER wizard.
      • Selected Items section is visible now all the time on CER Wizard.
    • License/Metering changes
      • License metering for MySQL, VMWare and ESXi is implemented.
  3. Out of the box Control Compliance Suite Vulnerability Manager (CCS-VM) Connector

  • As a CCS Administrator, I want to fetch smart rules automatically and test server connection once I provide the CCS-VM Server details.

0

Query regarding CCS Vulnerability Manager

February 15, 2018, 11:16 pm

Symantec CCS 12.0.1 & Symantec CCS-VM 12.4.5

February 28, 2018, 11:01 am
$
0
0
Oui, j'ai besoin d'une solution

Hi!

Why is not recommend install SCCS 12.0.1 and SCCS-VM 12.4.5 in the same server 2012 r2 standard...???

For scanns in SCCS-VM 12.4.5

With Agent is necessary the agent Installed and registred and agentlees is necessary account domain admin or account with privileges...

Is possible make scanns within agent and within credentials...???

Thanks for your help.

Regards.

0

Symantec CCS Migration with Host Name & Domain name change

February 28, 2018, 10:45 pm
$
0
0
Oui, j'ai besoin d'une solution

Hi Team,

Can you please provide solution how will I able to migarte CCS 11.5 from client's current vendor's DC to my organization's DC?

As per client requirement of  as-is environment, I am taking backup of all application server's configuration and database from currently existing environment. 

Can you please help me out with below challanges which I might face if I go with old data and configuration into new environment?

1> Hostname Change

2> Domain Change

or

3>Hostname & Domain Change

Regards,

Chhavi

0

Report generation

March 7, 2018, 3:15 am
$
0
0
Oui, j'ai besoin d'une solution

I want to know how can we extract report for any controls like Inventory of authorized and unauthorized hardware/software?

0

CIS Microsoft IIS7 Benchmark v1.8.0

March 10, 2018, 1:31 am
$
0
0
Oui, j'ai besoin d'une solution

Hi

I used CCS 12 and I want to run a benchmark for IIS7. In CCS12 only CIS Security Configuration Benchmark For Microsoft IIS 7.0 v1.1.0 is checked, but according to CIS there is much newer (CIS_Microsoft_IIS_7_Benchmark_v1.8.0).

I did not find an update on the official symantec content list:

https://www.symantec.com/security_response/securit...

What is the possibility of updating the old benchmark or downloading a standard from somewhere else?

Thanks in advance for your help

0

Issue on scanning agents and registering agents

March 16, 2018, 10:40 am
$
0
0
Oui, j'ai besoin d'une solution

Hi 

We have an ESM manager (11.0) serving mutiple customers. Scanning and registeration works well for all except one customer. 

Below are the noted points.

1. Error while scanning the agent: error writing the server name to the remote process for agent

2. Error while trying to re-register agent: 

Error: ESM_REG_24707,     
connection verification from the manager to the agent failed
register:  Error: ESM_REG_23673, error contacting agent<AxStringCode Code=23370>The 
ESM agent  () is not authorized to contact the manager  Please re-register the agent with the manager.</AxStringCode>3

3. DNS resolution and telnet to both source and destination is working fine. Tracert is completing in 19 hops. So no communication block

4. Issue Applicable for windows, AIX and linux platforms.

5. Everything was working fine with this client also and issue started suddenly. No changes made in between.

6. Changed the hostname (same IP) of ESM Manger 6 months back and working till last week. DNS (only forward) entry of the old hostname is still present.

7. Re-registering the agent with old and new hostname is failing with the above mentioned error (point 2)

8. Re-registering the agent with IP is working fine. More than 600 clients and manual re-registeration is frantic.

Thanks in advance. Please help.

REGARDS

SHIJIN M

0
Search

CCS Application Server & CCS Manager is different different DC

April 18, 2018, 2:22 am
$
0
0
Oui, j'ai besoin d'une solution

Hi Team,

I have to install 1 CCS Application Server, 1 Sql Database Server & 1 CCS manager in a single Data Centre, but in my client's environment there are 2 more CCS managers which are located at diferent geographical locations and are in different service providers Data Centre.

Can you please tell how can i make CCS managers to communicate with my CCS Application Server.

Regards,

Chhavi

0

Checks edit problem

April 19, 2018, 5:42 am
$
0
0
Oui, j'ai besoin d'une solution

Hello

I tried to edit CIS Red Hat Enterprise Linux 7.x Benchmark v2.1.1 benchmark (5.4.1.4 Are inactive user accounts locked? check), but I can not figure out how to modify the value below:

SearchString Equal To ^\s*INACTIVE\s*=\s*(30|[1-2][0-9]|[1-9])\s*(\s+#.*)?$  --> SearchString Equal To ^\s*INACTIVE\s*=\s*\(30\)

Someone could write the sequence of steps.

Thank you in advance!

0

How to change the default report name

May 28, 2018, 9:04 am
$
0
0
Oui, j'ai besoin d'une solution

Hi,

Once you run a CER job , report gets generated with name "ProccesedReport". I am looking for setting that will assign the report name as "<Job_Name_Date_time>".

0

CCS and Service Now Integration

June 12, 2018, 1:33 pm
$
0
0
Oui, j'ai besoin d'une solution

Has anyone tried to integrate CCS and Service Now with the Remediation workflow capability built into the CCS product?   I know that it is possible at least to get a ticket created via an Email, but I just would like to know what are the real world concerns with this approach.   Any help would be greatly appreciated.

0

Policy Run Error

June 22, 2018, 12:25 am
$
0
0
Oui, j'ai besoin d'une solution

Hi All,

I am facing  "Job stopped,stuck in running state for more than 20hrs " error on running policy scans on Unix servers installed with Symantec CCS agent .Can you please provide any solution to this?

I have already refered the article - https://support.symantec.com/en_US/article.TECH111738.html and made relevent changes but still facing the same error.

Would really appreciate some insight on this issue.

Thank you

0

what differences exist between installing or not the control agent compliance suite

October 17, 2017, 2:17 pm
$
0
0
Oui, j'ai besoin d'une solution

what differences exist between installing or not the control agent compliance suite

0

Data collection issue happen in Windows 2008

July 16, 2018, 3:38 am
$
0
0
Oui, j'ai besoin d'une solution

Dear All,

Can help to advise the issue as below:

Product: CCS version 12

Asset: WIndows 2008 Standard 32bit

Problem: when run data collection, it will show:

1. Windows Data Collector: Query returned with messages

    Detail: The system cannot find the file specified

2. Windows Data Collector: An error occurred during query execution

    Detail:  <domain>\<hostname>: [6c002990-6f5b-491e-8d38-3b38009934be-2:f650751c-79ba-4e2a-aceb-0066864c339d] The value [HKEY_LOCAL_MACHINE] did not match the validation expression for the scope components ScopeComponentHive. Failed at character 7

I will uninstall and reinstall but the issue still occurred and this issue is not happening for Windows 2012 Server.

I try search in knowledge base, but i did not find any related.

Please help.

0
Search

SYMANTEC CCS MIGRATION

August 2, 2018, 5:40 am
$
0
0
Oui, j'ai besoin d'une solution

Hi Team,

We have a query regading the Symantec CCS version 11.5.2.

In our case we are testing the mentioned version in enviroment which has Windows 2008 OS, but the production environment is buildup of Servers with Windows 2012. Will it be wise to use the test results of older version  (Windows 2008) and deploy CCS without testing it in  latest version windows 2012.

Regards,

Chhavi Kant Joshi  

0
1533289398

How to move multiple assets from one folder to another under a site name

August 22, 2018, 1:05 am
$
0
0
Oui, j'ai besoin d'une solution

Hi guys,

We have as part of our daily activities to run job (policy runs) on groups of servers that are all under one or another folder. The issue is that when we want to run a policy on 50+ servers we need to modify or create a data collection and evaluation job and add to it the assest we need one by one. Is there a way to add multiple assets to a job from a list we have?

0

asset cannot be contacted

September 17, 2018, 11:44 am
$
0
0
Oui, j'ai besoin d'une solution

Hello,

I was trying to generate a report for a windows server 2012R2 and I have seen the following error and the report generated was blank.

Message: The assets can not be contacted. Verify that the asset is functional and connected to the Network. Error: The network path was not found.

Can somebody help please.

-Thanks

0

CCS-VM User administrator does not work to configure Analytics & Reporting

October 2, 2018, 9:45 am
$
0
0
Oui, j'ai besoin d'une solution

We install CCS-Vulnerability Manager without apparent inconveniences, we can authenticate in the web console with the user administrator. When trying to configure Analytics & Reporting, ask for a new authentication, we type the same credentials of the administrator user and the message "You have entered an invalid username and password combination" appears.

Attempting to correct the problem we created users administrators members of the default group "Administrators" in Role Based Access -> Users & Groups importing them from Active Directory. These users are created correctly but do not allow authentication even in the console.

In view of the above, we created a new local user also a member of the Administrators group, this user can authenticate in the console but not when trying to configure Analytics & Reporting, the same thing happens as with the user administrator.

Questions:

What is the valid user to configure Analytics & Reporting and where is it defined?
How do we enable the users imported from AD so that they can authenticate in the web console of CCS-VM?

0

An error occured in Evaluation Activity: Unable to retrieve list of Assets from ADAM: No Assets were resolved from the directory, either due to insufficient permisssions or an invalid job definition.

October 14, 2018, 4:19 am
$
0
0
Oui, j'ai besoin d'une solution

Error Message - An error occured in Evaluation Activity: Unable to retrieve list of Assets from ADAM: No Assets were resolved from the directory, either due to insufficient permisssions or an invalid job definition.

Need help to fix above issue.Following are the process which I have done.

1. Windows Server 2012 R2 and CentOS 7 VM has been created in the same network where Symantec CCS VM Presents.(Symantec CCS 12.0.1)

2. CCS able to discover the "CentoOS" VM but not the "Windows Server 2012 R2" VM.

3. Both Windows/CentOS VM are added as assets manually to the Sub-folder under "Assets" Main folder.

4. Credentials of both Windows/Cent OS VM's has been added and saved.

5. But when I am trying to perform "Run Collection-Evaluation-Reporting" for both VM's separately using predefined Standards available, the process failed with following error message.

Error Message - An error occured in Evaluation Activity: Unable to retrieve list of Assets from ADAM: No Assets were resolved from the directory, either due to insufficient permisssions or an invalid job definition.

Predefined Standard used for Windows Server 2012 R2 - CIS Microsoft Windows Server 2012 R2 v2.2.1

Predefined Standard used for CentOS 7 Evaluation - CIS Red Hat Enterprise Linux 7.x Benchmark v2.1.1

Help me get this fixed to proceed further.

Error Screenshot

0

Viewing all 310 articles
Browse latest View live
Search