According to the previous article:
we can set up a cluster of the DLP Enforce for High Availability.
Below is a graphical instruction to implement cluster for DLP Enforce by VCS based on Windows platform.
Here is the simple topology of the testing environment with 3 servers. This is a 3-tier installation, and, we didn't draw the detection server:
1. Install Oracle DB and create DLP instance protect on server1.
2. On Enforce1 and Enforce2, install Oracle Client software. For the installation of the Oracle Client, please refer to this article:
3. On Enforce1, run ProtectInstaller to install the DLP Enforce.
4. After the installation of DLP Enforce on Enforce1, there will be a encryption key created which stored on the file CryptoMasterKey.properties
5. Copy the file CryptoMasterKey.properties from Enforce1's folder: \SymantecDLP\Protect\config to Enforce2.
6. On Enforce2, run ProtectInstaller to install the DLP Enforce, but, on the 'Initialize DLP Databse' windows, uncheck the 'Initialize Enforce Data':
7. Select the CryptoMasterKey.properties which copied from Enforce1:
8. Install VCS both on Enforce1 and Enforce2.
9. Launch Verits Cluster Manager to log into the cluster.
10. Add 5 resources which the type is GenericService. These 5 resources are: VontuManager, VontuMonitorController, VontuIncidentPersister, VontuUpdate, VontuNotifier.
And the dependence of these 5 services is as below:
Here, we finished the simple implement of the cluster for DLP Enforce. The Enforce1 and Enforce2 will act as a cluster to support High Availibility.
After configure the IP resource, the administrator can use the Virtual IP to log into the Enforce Console.