Video Screencast Help
Symantec to Separate Into Two Focused, Industry-Leading Technology Companies. Learn more.

Questions: Setting up Vontu to report on personal files

Created: 11 Feb 2014 | 3 comments

Hi,  Sorry for the very basic question.  How time consuming is it to setup Vontu to report on personal files such as JPG and videos on 1000 file servers with agents installed?  We just want to report on them and then ask the people if they actually need them.  Are there any other rammifications to doing this we should watch out for?  Thanks.

Operating Systems:

Comments 3 CommentsJump to latest comment

kishorilal1986's picture

This you can do using response rule , for that your policies should be accurate to identify the files and data which you want to detect and report. you can create some conditions so that based on the incident and data condition will trigger.

wrlang's picture

Thanks, but how long would it take the average Vontu administrator to setup a response rule and policies and conditions to report on 12 specific video file types?

DLP Solutions2's picture

WrLang,

So it is a little hard to answer your question for a few reasons..

  1. Are you using Endpoint agents to scan the file servers or are you using DLP Discover? DLP Discover is faster at scanning files than DLP endpoint. So time is going to be your biggest hurdle. On average DLP Discover can scan about 1TB per day, but this might be faster or slower depending on the policies configured. You can scale this and have many DLP Discover server scan the servers and would provide faster results.
  2. When it comes to the policy it is very easy to create one to look at file types. There is a page where you can select the different media types that you might want to look for. This will take you about 5 minutes to configure the policy.
  3. Nice thing about the product is that you can automate the emails that are sent to the users as part of the scan. It will do this IF you have configured the LDAP lookup to pull the email information about the OWNER of the file. (You will need to figure out the ones that are owned by Administrator or orphaned)
  4. Once you have done this, hopefully the isers will clean up the data. After that you can run a subsuqnet scan and Quarantine the files automatically to a secure location too.

DLP is more meant for content analysis and is based off a single scan and does NOT automatically update itself, it requires another scan to get new stats.

If you want a really good way to get STORAGE reporting you may want to look at Symantec Data Insight. It will inventory all of your storage servers and will proivde robust reporting and analytics on ALL filetypes very easily. You can then create reports by users, departments and a ton of other metrics. It will also collect usegae stats on who touched what file when and how often..very cool application.

If you are interested in more, let me know and send me a personal message (PM) and we can possibly work on getting you the right product for the job.

Hope this makes sense.

If this solves your questions please marked as solved.

Ronak

Please make sure to mark this as a solution

to your problem, when possible.