Symantec IT Risk and Compliance Product Group

 View Only

  • 1.  CCS v11-Control Point usage, Entitlements

    Posted Sep 19, 2014 08:42 AM
    First, curious to hear some feedback from CCS v11 customers who currently use Control Points & Entitlements. Generally, what type of asset are you primarily marking as Control Points? How often do you require the owner to complete Entitlement reviews? Does the owner have to actually use CCS to view their Entitlements and complete/approve their review? Or can the approvals be completed another way such as through Email, CCS Web Console, etc.? I recently opened a support ticket on an issue I'm having in v11 with marking a specific type of asset as a Control Point (will create a separate forum post for that discussion). But in discussions with Symantec Support, it seems to have been quite some time since any new support tickets have came through related to Control Points. This could either mean that truly no new issues have come up or could mean that CCS customers are not using the feature. Hope to have some good discussion on this topic. Thanks, Aaron Humphries


  • 2.  RE: CCS v11-Control Point usage, Entitlements

    Posted Oct 09, 2014 06:24 PM
    Is anyone even using the Entitlements feature in either CCS v10.x or v11?


  • 3.  RE: CCS v11-Control Point usage, Entitlements

    Posted Oct 10, 2014 10:34 AM

    @ahumphires: Yes we are using this feature in CCS v10.



  • 4.  RE: CCS v11-Control Point usage, Entitlements

    Posted Oct 15, 2014 12:08 PM
    @Hlovers - If I could ask, what asset types do you use Entilements for?


  • 5.  RE: CCS v11-Control Point usage, Entitlements

    Posted Nov 19, 2014 08:55 AM
    I've talked with Support on this and not going to worry about this feature in CCS going forward. We can close this thread.


  • 6.  RE: CCS v11-Control Point usage, Entitlements

    Posted Nov 19, 2014 09:29 AM

    I had been using the Entitlement piece extensively in CCS v10.5 for all file/folder permissions recertification. When we upgraded to CCS v11.0 I lost the entitlement capability (Bindview predefined query). I have to run a separate query for the permissions and another for the groups and members. I have a quarterly SOX and an annual high-risk requirement. the lost of the entitlement report has now doubled my time in creating the required reports. The new reporting aspect in CCS v11.0 has also left me uninpressed. The report templates in CCS v10.5 were much more easy to work with. The end-users and auditors hate the new report format. I have been a CCS Administrator since back when version 9.0 came out - I first worked with ESM and then became the 'pilot' company for CCS v9.0 and was an 'early adapter' for CCS v10.



  • 7.  RE: CCS v11-Control Point usage, Entitlements
    Best Answer

    Posted Nov 19, 2014 02:05 PM
    I've talked with Support on this and not going to worry about this feature in CCS going forward. We can close this thread.


  • 8.  RE: CCS v11-Control Point usage, Entitlements

    Posted Nov 20, 2014 08:44 AM
    KCK - thanks so much for sharing this. I am still running a v10.5.1 RMS data collection along with v11 on the same server since v11 query capabilities are not as robust. Curious, for your new "entitlement" process/reporting you now have with v11, do track the data owner(s) within the file/folder asset? Then, do you manually obtain the data owner's approvals and store that electronically in a network share/folder or similar? I am creating an overall process for periodic user entitlement reviews of file/folder permissions and is the reason I ask.


  • 9.  RE: CCS v11-Control Point usage, Entitlements

    Posted Nov 21, 2014 11:06 AM

    For my reporting piece I just run the queries, create the reports, and upload them to a intranet web page where other reports are uploaded (Mainframe and User reports). Another team within Info Security handles the 'launch' for the recertification and track the validation/sign-off using 'Archer'