Video Screencast Help

Access rule on ISA for Symantec Data Loss Prevention (DLP)

Created: 19 Nov 2012 • Updated: 21 Nov 2012 | 3 comments
atif.shafique's picture
This issue has been solved. See solution.

Hello Everyone,

I have installed the plug-in available in DLP media on ISA server and also created a rule for communication to network Prevent (Web) server on ISA firewall but communication is not getting established between ISA and Network Prevent machine, can anyone please guide me how to create the access rule?

I am unable to telnet Network prevent server on port 1344 however i can telnet it from other machines on LAN which means problem is with the access rule of ISA. One strange thing is that my configuration on configure web filter utility (ISA machine) is synchronized with DLP enforce server. May be its because configuration is not forwarded to enforce over port 1344.

Need solution!

Comments 3 CommentsJump to latest comment

yang_zhang's picture

You need to input the IP address of your Network Prevent for Web into the ISA plugin GUI.

And, defaultly, the Network Prevent for Web is working under Trail Mode, don't forget to un-check it.

If a forum post solves your problem, please flag it as a solution. If you like an article, blog post or download vote it up.
atif.shafique's picture

Thanks for your reply, i have already configure the IP and port in filter configuration utility installed on ISA, Please confirm me how to configure the access rule which will allow traffic between ISA and network Prevent (Web), right now i can telnet network prevent over port 1344 from local LAN but when i try the same from ISA it doesn't create any session on port 1344 which means problem is with the access rule of ISA firewall.

atif.shafique's picture

My Issue has been resolved!

Go to your ISA Management

Go to Firewall Policy

On the right hand side, select toolbox, then Protocols.

Click New and add one with 2967 as the port number with no secondary connections.

Then, create a rule from Localhost to the Symantec server(or the other way around or both depending on how it works) on this protocol. You will also need to define the Symantec server as a computer, this can be done in the same location as the new protocol, except in Network Objects.