Video Screencast Help
Symantec to Separate Into Two Focused, Industry-Leading Technology Companies. Learn more.

Post Upgrade hangover: EDM profiles are out of date and need reindexing

Created: 20 Aug 2014 • Updated: 21 Aug 2014 | 2 comments
This issue has been solved. See solution.

I recently upgraded from DLP 11.6.2 onto 12.5 and I was in the process of updating a manual monthly EDM profile update on the Enforce server when I noticed an error on my other EDM profiles stating:

(This profile is out of date and must be re-indexed. Please refer to the "Memory requirements for EDM" section in the current Symantec DLP Administration Guide for additional information.)

I reviewed the 12.5 Admin guide and is said to increase the index memory for EDM profiles based upon an estimation of the size of the profiles; which I did.

I have reviewed the incident lists and events are still being generated related to the EDM profiles since the date of the upgrade.

My question:

Is it safe to assume that all of the policies are still functioning and the errors are relating to the fact that the policies are not listed with a current date? (As most of them have only been uploaded once)

Please advise.

Thank you!

Operating Systems:

Comments 2 CommentsJump to latest comment

Sym_DLP's picture

Hi,

After reading the above explanation, i can say that the policies will function properly, But you might miss few incidents,because your EDM profile is outdated. To explain this more clearly, suppose you are using a EDM of a list of Email ID's as a Rule for capturing a specific kind of Data leak incidents, then since your profile is outdated and does not contain the latest list of Email ID's you might miss to capture few Leaks.

It is always suggested to Update your EDM profile regularly based on the type of Data you are using in your EDM profile.

Best Practise to update EDM profiles is on a monthly basis.

SOLUTION
PENguinn's picture

Thank you for the response. I figured that the EDM policies would be OK but I wasn't 100% positive.

Thanks again!