Integrating Symantec Data Loss Prevention Enforce Server and Symantec Messaging Gateway

Article:HOWTO77733  |  Created: 2012-08-20  |  Updated: 2012-08-20  |  Article URL http://www.symantec.com/docs/HOWTO77733
Article Type
How To


Environment

Subject


Integrating Symantec Data Loss Prevention Enforce Server and Symantec Messaging Gateway

Before you integrate Symantec Messaging Gateway with Symantec Data Loss Prevention Enforce Server, ensure that both products are licensed.

See About integrating Symantec Data Loss Prevention with Symantec Messaging Gateway.

Table: Steps to integrate Symantec Messaging Gateway with Enforce Server describes the steps that you must take to integrate Symantec Messaging Gateway with Symantec Data Loss Prevention Enforce Server. It also describes in which product or product component you must perform the configuration.

Table: Steps to integrate Symantec Messaging Gateway with Enforce Server

Step

Task

Product or component

Description

Step 1

Ensure that Data Loss Prevention Network Prevent is configured appropriately for message routing.

Symantec Messaging Gateway

Route outbound email to Data Loss Prevention Network Prevent and configure Data Loss Prevention Network Prevent to route email back to Symantec Messaging Gateway. If you have multiple outbound Scanners, you can route outbound mail to Data Loss Prevention Network Prevent servers differently for each Scanner. Alternatively, you can apply the same settings to all outbound Scanners.

See Configuring email connections to and from Data Loss Prevention Network Prevent.

Step 2

Install and configure the Email Quarantine Connect plug-in and configure the plug-in properties.

Enforce Server

See the section on how to install the plug-in in the Symantec Data Loss Prevention SMG Release from Email Quarantine Connect Plug-In Implementation Guide.

Step 3

Export the Control Center HTTPS certificate.

Symantec Messaging Gateway

Export the same certificate that you use for the Control Center HTTPS interface. This certificate lets the Enforce Server authenticate to Symantec Messaging Gateway.

See Exporting a TLS and HTTPS certificate.

See Requesting a Certificate Authority signed certificate.

See Assigning a user interface HTTPS certificate to the Control Center.

Step 4

Import the Symantec Messaging Gateway certificate.

Enforce Server

Import the Symantec Messaging Gateway certificate into the Enforce Server truststore.

See the section on importing certificates in the Symantec Data Loss Prevention Installation Guide for Windows or the Symantec Data Loss Prevention Installation Guide for Linux.

Step 5

Create a client certificate.

Enforce Server

Create a client certificate and truststore with a server certificate from Symantec Messaging Gateway from the Enforce Server command line.

See the section on how to install the plug-in in the Symantec Data Loss Prevention SMG Release from Quarantine FlexResponse Plug-In Implementation Guide.

Step 6

Create a user and role.

Enforce Server

See the section on creating credentials in the Symantec Data Loss Prevention Installation Guide for Windows or the Symantec Data Loss Prevention Installation Guide for Linux.

Step 7

Import the Enforce Server certificate.

Symantec Messaging Gateway

Import the Enforce Server certificate into Symantec Messaging Gateway Control Center.

See Importing an application certificate.

Step 8

Configure the Enforce Server connection details.

Symantec Messaging Gateway

Specify the Enforce Sever credentials and configure the synchronization settings.

Ensure that the account that you use to access the Enforce Server has the appropriate roles to remediate incidents.

See the section on managing roles and users in the Symantec Data Loss Prevention Administration Guide for Windows or the Symantec Data Loss Prevention Administration Guide for Linux.

See Configuring Symantec Messaging Gateway to update data with Enforce Server.

Step 9

Configure policies and their detection rules.

Enforce Server

Configure response policies and rules to insert headers into the messages that violate policies.

See the sections on implementing policy detection and policy responses in the Symantec Data Loss Prevention Administration Guide for Windows or the Symantec Data Loss Prevention Administration Guide for Linux.

Step 10

Create incident folders to capture the messages that violate content filtering policies and hold for remediation or review.

Symantec Messaging Gateway

Select the folder type Hold for Review (Content Quarantine) to hold incidents for remediation. Or you can choose Informational Incidents to hold incidents for review.

See Creating content incident folders

Step 11

Create content filtering policies to detect the header that Data Loss Prevention response rules add.

Symantec Messaging Gateway

Create the policies that scan for the header that Data Loss Prevention (Network Prevent for Enforce) inserts into email messages.

Symantec Messaging Gateway filters messages for these headers. Based on the policy actions that you specify, it creates incidents in quarantine incident folders or informational incident folders.

Specify the policy action Create a quarantine incident to hold these incidents for remediation. Or you can specify the policy action to Create an informational incident to hold these incidents for review.

See Creating a content filtering policy.


Legacy ID



v65024130_v58306712


Article URL http://www.symantec.com/docs/HOWTO77733


Terms of use for this information are found in Legal Notices