Data Loss Prevention

 View Only

  • 1.  DLP Scans on Linux Servers

    Posted Dec 24, 2013 05:40 AM

    Hi,

    I tried to run DLP scan on Linux servers using root account through SFTP(Webdrive) but i can see that it's scanning only few system files and not scanning the mount files.

    My DAR server is Windows based. I reached the symantec support and they say that SFTP is not supported on Linux servers but the admin guide says its not supported only if the DAR server is installed on Linux platform.Request help on this..

     

    Regards,

    Dileep


     

     



  • 2.  RE: DLP Scans on Linux Servers

    Broadcom Employee
    Posted Dec 24, 2013 09:34 PM

    The SFTP is really not officially supported.



  • 3.  RE: DLP Scans on Linux Servers



  • 4.  RE: DLP Scans on Linux Servers

    Posted Dec 30, 2013 04:14 AM

    Hi,

    Thanks for response.I am trying to scan(using root credentials) Red Hat Enterprise Linux 5.9 X86 64 bit servers from a DAR server which is installed on Windows.Is SFTP supported for this scan?

    Regards,

    Dileep

     



  • 5.  RE: DLP Scans on Linux Servers

    Posted Dec 30, 2013 04:23 PM

    This sounds like a SFTP server permissions issue. However, you can visit www.srthelpdesk.com and submit a support ticket there if you would like some technical assistance regarding WebDrive. 



  • 6.  RE: DLP Scans on Linux Servers

    Posted Dec 31, 2013 12:53 AM

    Hi Kim,

    Thanks for your response.The DAR scanner was able to reach the Linux servers through SFTP using root account and scanned few system file but failed to scan the mount files on that linux server.

     

    Regards,

    Dileep



  • 7.  RE: DLP Scans on Linux Servers

    Trusted Advisor
    Posted Jan 08, 2014 12:23 PM
      |   view attached

    Dileep,

    The best way to look at this is to use the Windows WebDrive application and have it mount the linux Server.

    Then from the Windows server look at the mounted drive and see what it looks like. The DLP Discover server is going to treat the SFTP linux mount as a typical Windows Share. So it will need to 'look' the same as a windows share/directory.

    Look at the mounted Linux server and see how it looks in Windows.

    Keep in mind that there might be an issue with how 'mounted' Linux Drives look to an SFTP mounted servers...this is probably the issue.

    The issue might be that the 'mounted' dreives on the Linux servers look like Windows "links" so we will not follow them. There might be an undocumented configuration on making a Discvoer Server follow Windows "links". You will need to contact SYMC support on that.

    Take a look at the enclosed document I wrote on using the WebDrive application.

    Hope this makes sense.

    If this solves your questions please marked as solved.

    Ronak

     

    Attachment(s)

    docx
    WebDrive Application Installation.docx   150 KB 1 version