Data Loss Prevention

 View Only

  • 1.  DLP Discover Scanning - specify domain

    Posted Sep 25, 2013 08:20 AM

    Hello,

     

    I need to scan a server on a specified domain within the network, that the scanner is not on. For example, the scanner is on the APPLE domain, but I want to scan a server in the PEAR domain.

    How do I specify this in Content Root section within the Scanned Content please?

    Could somebody also please advise what syntax would be for this?

    I've had a look through posts and the admin guide but can't find anything to help with this!

     

    Many thanks in advance,

    Charlotte



  • 2.  RE: DLP Discover Scanning - specify domain

    Posted Sep 25, 2013 10:54 AM

    Hi Charlotte,

    DLP discover server mounts the share and analyzes the data.

     You just need to make sure that the user we are using for the scan have proper rights to access the "PEAR" domain. 

    For the Content Root section we have two option :

    1. Scan Content Roots From an Uploaded Text File (.txt extension required):

    For this one you need to upload a .txt file with the UNC path.

    2. Scan Content Roots:                               

    Check the following form the DLP Online help :

    Adding items to scan

    Enter one scan target item per line in the Add dialog box.

    Depending on the type of target, items can be file shares, Domino servers, SQL database servers, or SharePoint sites. The item may be a file path or a URL.

    If all items use common credentials, specify the user name and password on the Scanned Content tab.

    If each item has a different credential, enter the user name and password on each target line in the Add dialog box.

    User names and passwords in the Add lines are server-specific and take precedence over the default values.

    The following syntax is used in adding scan target items:

    path[, [username, password][, [depth][, remediation-username, remediation-password]]]

    Note:

    Items in this syntax are relevant to some, but not all, target types.

    Use the following notes as guidelines:

    • You must specify a depth to include remediation credentials.

    • If no depth is specified, all subdirectories are scanned.

    • If depth is left blank, no subdirectories are scanned.

    • To specify a depth and use the default log on credentials for the specified item, include commas for the empty values.

    • If you enter a user name and password, only the user name appears on the list in the Scanned Content tab. The depth does not appear on the list.

    The following examples illustrate adding file shares:

    • \\share\marketing,daniel1,o2qw73,6,david1,abc123-r

      Discover logs on to \\share\marketing using the user name daniel1 and password o2qw73.

      The scan checks down six subdirectories from the path specified: \\share\marketing but it does not check the content that is located in, for example, \\share\marketing\docs\competitor\pdfs\analysis\temp\junk\other\, or the files that are located in \\share.

      The person assigned the remediator role is able to log on to the server using the credentials david1 and abc123-r. The remediator also has access to the content according to the permissions that are granted on that server for those logon credentials.

    • \\share\marketing,,,6

      Discover uses the default user name and password, and scans down six subdirectories. Note that when the default password is used, you must still include a comma for the null user name and password.

      No remediator intends to access the incident files, so the user name and password are omitted, and commas are needed to signify their place.

    Hope this helps!

     

    Thanks,



  • 3.  RE: DLP Discover Scanning - specify domain

    Broadcom Employee
    Posted Sep 27, 2013 03:51 AM
    One more thing you need to concern: You need to configure the domain Apple can resolve the domain Pear. Generally, you need to configure this on the DNS of the Apple domain.