DLP POC
Created: 25 Feb 2013 | Updated: 07 Mar 2013 | 10 comments
This issue has been solved. See solution.
Hi Guys,
I need some feeback regarding conducting DLP POC.
1. I know Symantec has pre-built demo VM but those are only for Symantec employees. In that case what is the best approach to cover DLP topics with limited hardware resource to include Oracle, Enforce and all other detection servers?
2. How many detection servers should be added for a POC? Should we deploy/use all disvocer servers or Endpoint is good enough for POC?
3. How can we demonstrate Network Prevent for Email and Web capabilit if client does not have test bed environment for web and email proxies?
4. Is there any guide/script available for POC which we can follow to ensure proper sequence?
Regards,
Operating Systems:
Discussion Filed Under:
Comments 10 Comments • Jump to latest comment
Anyone please?
Atif,
I do a lot of POC's in vmware, first you have to decide what componet(s) does the client want. We will setup a netowrk monitor, 99% of the time we do not do a np for web or email as things will have to be undone when we leave.
I will usally do endpoint and network discover on 2-3 servers and a sharepoint server.
Thanks stumunro. So you build your own VM from scratch by installing OS and DLP software? Do you deploy those VMs on a server or use your own laptop?
Atif,
we use their vmware infrastructure, we use our prebuilt vm's and then just change ip ddresses. We also do have physical hardware. most clients like the vmware for a POC as they just kill their vm's when do and they know no IP or whatever they are concerend about didnt leave with us...
Thanks stumunro. Is it possible for you to share VM as it would save me lot of time?
may be you can also check with your local Symantec team for more information.
Cheers!
Pete
Help Link: http://www.symantec.com/business/support/overview.jsp?pid=54619
Hi Atif below is Support for VMware
For Q 1 & 2 best approach to cover DLP topics with limited hardware resource to include Oracle and detection servers should be added for a POC
a detection server
For Q 3 & 4 demonstrate Network Prevent for Email and Web capabilit and guide/script for demo
Policies
Live incidents for
Workflow/RBAC
Reporting
Be familiar with the resources available for customer demos, including the Demo Script, the Evaluation Workshop Presentation, and the Demo VMs.
Atif,
sign into symantec educaitona nd look @ the SSE SSE+ exams... this wiill help then moveonto the STS and ASC exams...
Hi Atif,
with supplement to above my answer , I would like to guide u regarding POC for DLP.
For POC u need to create test environment with some kind of production environment. As u know only symantec employee having VMware of DLP.
But As u are symantec partner, u can request for Not for sale/evalution software of DLP to perform DLP POC for client . U can do this with min. hardware and software req. as i mentioned in above responce.
I hope this will suffice to getting idea for DLP POC.
KS Sharma
whay not build your own vmware, i use this all the time for a POC with client.
I generally do discover scans, endpoint, i do not get into NP for web and email or network monitor..as those will require a client to do change control and network reconfigs...
Would you like to reply?
Login or Register to post your comment.