Video Screencast Help

DLP 12.0.1 Initial Sample Monitoring Policies

Created: 07 Jul 2014 • Updated: 24 Aug 2014 | 11 comments
Outrageous's picture
This issue has been solved. See solution.

Hello All,  I have just freshly deployed DLP 12.0.1 for one of my customers. Now I am looking for some initial sample policies that I can configure on DLP that will Initially Monitor or log incidents but does not block anything be it Endpoint Prevent, Network Discover , SharePoint Scanning, Exchange Scanning etc etc . 

So I will be really greatful if some one can share some sort of a template or initial policies that I can configure in my envoirement for the initial monitoring which I can fine tune with the pessage of time.

 

Your kind response will be highly appreciated. Regards,

 

Operating Systems:

Comments 11 CommentsJump to latest comment

stephane.fichet's picture

hello,

 you could get some default policies in all solution pack available with DLP so you will have some default policies related to your customer business activity (and also some default profile).

 

 regards.

Outrageous's picture

Hello Stephane thanks for the reply, Actually When DLP was deployed no solution pack was imported into it. 

Outrageous's picture

Prior to running a network discover scan either on SharePoint, Exchange , DB etc etc . We need to define some policies that will leverage with this scan . Could you please refer to the page number in the admin guide or some article that will shed more light on these policies that we are required to configure prior to running a netwrok discover scan ? 

thanks

Sym_DLP's picture

Hi ,

Please create few policies based on your Customer's Business activity.

Let us know your customer's Business activity i.e. for e.g. Telecom, Bank, insurance etc..

i can share you few templates.

 

SOLUTION
Outrageous's picture

Hello Sym_DLP Thanks for your reply. Its a telecom organization. I am implementing Endpoint Prevent so I

would be really glad if you can share some policies that I can implement.

Thanks and Regards,

Danielolima's picture

Hello "Outrageous" ... 

Why do not you use one of the packages of patterns of tool solutions such as: 

Retail_SolutionPack_v12 

or 

Telecom_SolutionPack_v12 

If the problem was not imported in the endpoint deployment server, you can stop the services of servers and ENFORCE ENDPOINT and make subsequent installation of the packages, I did in my environment and it worked! 

Hope this helps ...

Outrageous's picture

Thanks for your reply Danielolima but as far as i know you cannot import a solution pack after the detection server has been deployed and registered.

If you have any article on this then please do share

kishorilal1986's picture

Dear outrageous,

You first need to import Telecome solution pack which having some defuault policies related to Telecom and can be used for futhre monitoring. Keep setting on server as monitor. Still you want to create policies I would provide you some policy details which further you can create by some research.

  • Restricted Recipients Policy
  • Credit Card Numbers Policy
  • Customer Data Protection Policy
  • Employee Data Protection Policy
  • Network Security Policy
  • Network Diagrams Policy

https://www-secure.symantec.com/connect/forums/sym...

https://www-secure.symantec.com/connect/forums/sym...

See below video for policies on symantec DLP

https://www.youtube.com/watch?v=hlRZhB60PU4

 

Outrageous's picture

Dear kishorilal1986 thanks a lot for your help.

No solution pack was imported into the Enforce prior to installaton the detection server. As far as I know I cannot import solution pack now , please confirm if I can do it now ?

Thanks & Regards

kishorilal1986's picture

You can try now but as per installation method,Solution pack must  be imported  right away after the installation of Symantec Enforce server installation and before any detection server installation.