Symantec recently announced the acquisition of Clearwell Systems, making a move which came to no surprise to folks working in the Archive, E-discovery arena. However in this day and age of “smash and grab” acquisitions in the IT industry, it was nice to see a partnership come together that makes good sense, both business and technology wise!

Data protection is an essential part of every IT strategy. A good data protection plan minimizes the risk of downtime and data loss as well as the risk of a compliance incident. Most enterprise level data protection implementations are complex, costly and require thoughtful planning to ensure that the risk of data loss is reduced to an acceptable level. As with any technology there is no shortage of catch phrases to distract the overburdened administrator as well as the budget conscious executive. Phrases like “Integrated Data Protection”, “Industry Leading”, “End to End” and yes, even “cloud”. Let’s face it. The only reason you spend a dime on this stuff is to reduce risk because risk adds cost to your operation. The cost of data re-entry, the cost of down time or the cost of compliance fines. How simple or complex the system that you create to deal with risk is not the issue. The issue is whether the cost of the system is less than the risk of doing nothing.

Over the last week or so, the internet has been awash in reports of the latest piece of malware targeting Apple OS X systems called MacDefender , MacSecurity or MacProtector. This is a piece of software that Symantec calls FakeAV, which is an entire family of “scareware.” A browser window pops up and says the machine is infected and to download a particular piece of software to remove the issue, when in fact the software you download is the payload that infects your machine. This is not new to the Windows camp as FakeAV products have been around for many years. Everyday many bogus antivirus and security applications are released and pushed to unsuspecting users through various delivery channels. Many of these programs turn out to be clones of each other. They are often created from the same code base but presented with a different name and look - achieved through the use of a "skin". These programs attempt to convince the user to purchase software in order to remove non-existent malware or security risks from the computer. The user is continually prompted to pay for the software using a credit card. Some programs employ tactics designed to annoy or disrupt the activities of the user until the software is purchased.

What the heck is SORT you ask? Well, it’s Symantec’s new “make your life easier” tool. SORT (Symantec Operations Readiness Tools) is a set of Web-based tools that supports Symantec enterprise products. It automates and simplifies some of the most time-consuming administrator tasks! These tools basically make it easy to prepare for your next installation or upgrade.

I’ve received several questions about ISO 19770, the international standard for Software Asset Management, over the past couple of months. Let’s review the landscape… First of all, ISO is an acronym for the International Organization for Standards (ISO) based in Geneva, Switzerland. It is a network of the national standards institutes of over 163 countries that, through many specialized committees, works to develop a consensus among member nations on standards that will be accepted by all countries. You have very likely heard or seen advertisements for companies that included a reference to their ISO 9000 certification, which is becoming a worldwide quality management requirement for companies that wish to become part of a supply chain for major global manufacturers or distributors.

In previous blogs we talked about needing to educate the end users and knowing the details of what activity is occurring on your enterprise’s systems. In part 3, we’re going to talk about managing the threats that occur with a layered approach. Good security doesn’t stop at the endpoint with just an antivirus client (link to symc sep), it doesn’t stop with just a perimeter firewall. It starts with good knowledge of your environment, and grows out to each layer (Network, Endpoints, Client Hardware, Storage, etc) we’ll talk about each one in the next paragraphs.

In Part 1 we investigated effective end-user education by making them take part in exercises to ensure that they are aware of risks out in the wild that exploit the well meaning insider. In Part 2, we’ll educate the IT department by learning what’s happening on their network. The best way to do this is with an appliance like the Symantec Security Information Manager (SSIM). The way that SSIM works is by collecting logs from a multitude of devices, whether they be network devices like firewalls and routers, or application log files like IIS or Symantec Endpoint Protection to correlate events to determine if any malicious activities are occurring across multiple layers. This level of visibility into the enterprise is critical to maintain your level of situational awareness.

I often joke about this common NetBackup support question. Though this is my candid and brutally honest answer, there is a way to benchmark what you could expect from backing up a particular client by examining the performance of the bpbkar process. Though there are many factors that impact the overall backup performance of a specific client this is a good starting point.

I thought I would take a brief break from my Tuning NetBackup series to write about a great Symantec website called VERITAS Operations Services (VOS). VOS is a great site that can be used to “dive deep” into your particular VERITAS software configurations. This is not your standard support site where you can get lost in the sea of menus and documentation for all of Symantec products. What makes VOS special is that you can utilize the site to get customized information on Installation, Upgrades, and perform Risk Assessments.

I have been working with clusters since the mid-90’s. Back then, for Oracle on Solaris, it was required to use Sun Cluster 2.0 for Oracle Parallel Server (OPS). I was not a fan of Sun Cluster 2.x, it had many issues, and I was hesitant when I was introduced to Symantec VCS. After working with VCS I started to see its simplicity and its benefits. I loved how easy it was to install, setup and manage. I became very familiar with it in a Sun Solaris environment.