Video Screencast Help

DLP-SSIM integration benefit !

Created: 19 Mar 2012 • Updated: 17 Dec 2012 | 2 comments
This issue has been solved. See solution.


Anyone has integrated SSIM and DLP to each other. What is benefit of that?



Comments 2 CommentsJump to latest comment

kishorilal1986's picture

Hi Albert,

Please read the below features that both having (DLP and SSIM) , I had also attached the SSIM collector for integrating Symantec DLP. You will get to know all the advantges in details in below Symantec pdf refernce.

What SSIM does ?Protect business interactions, information and IT infrastructure

Use comprehensive data correlation to identify and prioritize risks against security threats to reduce incident response time

2.Reduce cost by standardizing security management and compliance processes

3.Create a platform to protect against emerging threats, prevent data breaches, report on incidents, and document compliance

4.Control costs and reduce complexity through continuous security management

  1. Optimize enterprise security processes to identify vulnerabilities and protect against attacks.

DLP tells you when and where sensitive data is vulnerable, SIM tells you which user accounts have accessed the data

Key BenefitsReduce proliferation of confidential data across enterprise data centers, client systems, remote offices, and end-user machines.

Identify broken business processes transmitting confidential data.

Monitor and protect communications of sensitive content to public websites.

Define and deploy universal policies across the enterprise. 

Also find the Procedural guide for Symantec™ Event Collector 4.4 for Symantec DLP Quick Reference

I Hope you got the answer of your question.



SSIM collector 4.4 with DLP.pdf 537.06 KB
kishorilal1986's picture

Hi Albert,

 As per Symantec above Symantec document, you will know that because of the role that intrusion-detection point products such as Symantec DLP play in defense-in-depth scenarios, filtering or aggregating these events is not recommended. However, it is possible that systems on a network play a specific role to ensure the security of an organization. This type of role may result in false positives from the device. For example, computers within the network that assess vulnerability risks may use techniques that cause intrusion-detection point products to report that the network is under attack. If you have this type of scenario, you can aggregate the events from that computer. The collector includes the following default filter that is enabled by default: