Symantec Data Loss Prevention in Hyper-V
Created: 19 Nov 2012 | Updated: 04 Dec 2012
Hello,
I want to install (actually making some testing already) Symantec Data Loss Prevention in Microsoft Hyper-V virtual environment. I know that it is recommended to use VMware for that, but we already have three Windows 2008 R2 Ent servers so Hyper-V is already licensed.
Questions:
- What is the best practice to set up Symantec Data Loss Prevention in Hyper-V?
- What are possible issues I could face performing such kind of setup?
I know that virtualisation of Network monitor is not possible, and for Oracle - not recommended.
Quick Look Solution
Hi UFO, Please find the
Hi UFO,
Please find the below configaration for testing
•Two virtual machines (VMs)
•“EnforceDemoX64 (v11)” – Contains Enforce, Oracle, and
a detection server
a detection server
•“Windows 7x64 (v11)” or “Windows 7x32 (v11)” (“Endpoint”) – Contains DLP Endpoint Agent
•SE Laptop Requirements
•90GB of disk space
•8GB RAM (recommended)
•VMware Workstation 7.x or higher
Also refer below links
https://www-secure.symantec.com/connect/forums/virtualization-and-minimizing-server-use-dlp-deployment
https://www-secure.symantec.com/connect/forums/installing-11x-vmware
Comments
Hi UFO, Please find the
a detection server
Still testing this. I will
Still testing this. I will reply on results asap. Thank you for this checklist.
STS: DLP and Storage Foundation for Windows
If this post was helpful please vote +1
If this post was useless or just for points please vote -1
kishorilal, thanks for
kishorilal, thanks for the link - seems to be kinda what I was looking for.
STS: DLP and Storage Foundation for Windows
If this post was helpful please vote +1
If this post was useless or just for points please vote -1
I've tried to get it working
I've tried to get it working in Hyper-V before and had real issues. For what it's worth, I could get Enforce and Oracle going okay. Discover servers worked okay EXCEPT for Network Monitor. I could not find a way to dedicated a NIC via SPAN to get the data up to Monitor. If there is a way to put a NIC on Hyper-V in promiscuous mode, then best of luck.
Aaron
If this post has helped you, please vote up or mark as solution to help others looking for the same data.
Aaron, thank you. I think
Aaron, thank you. I think that if I could manage to get some part of SDLP working in virtual environment - I will be happy with that. Symantec says that one couldn't put Network Monitor in virtual environment though. It requires physical server with 2 physical network interfaces.
STS: DLP and Storage Foundation for Windows
If this post was helpful please vote +1
If this post was useless or just for points please vote -1
UFO, This is true, but I've
UFO,
This is true, but I've done it on VMware and XenServer without much issue. You just have to dedicate a NIC to the VM and ensure it can handle the traffic. I think in moderate to low traffic environments, it should be okay. If you get to somewhere that has 10 Gig traffic or needed a special NIC to handle the load, I would certainly make it hardware-based.
Aaron
If this post has helped you, please vote up or mark as solution to help others looking for the same data.
i have built a entire 6k node
i have built a entire 6k node of SDLP in vmware EXCEPT network monitor, they have had to much traffic to work. The client chose vmware as it can scal with them as they continue to grow, and can add resources as needed very quickly.
Would you like to reply?
Login or Register to post your comment.