Data Loss Prevention

 View Only

  • 1.  Using Endpoint Agent for Disover scan of Windows File System

    Posted Oct 03, 2012 11:45 AM

    Hi,

    Did anyone ever successfully try to use the Endpoint Discover agent (instead of Windows Scanner) to scan Windows file shares?  We tried to use the file system scanner and the scan somehow worked, but I'm wondering if the Endpoint agent would be easier to manage.



  • 2.  RE: Using Endpoint Agent for Disover scan of Windows File System

    Trusted Advisor
    Posted Oct 03, 2012 05:24 PM

    The DLP agent is not used to scan Shares on the network. It is designed to scan the local drives on the machine it is installed on.

     

    If you want to scan network shares, then it is best to use the Network Discover scanning. If you want to scan the local drives, then use the endpoint agent. You can alos install the agent on a server and then scan all of the local drives, but make sure to filter out the directories that do not matter. (windows directory etc) This is why the Network Scanner might be better, it is a more targeted approach than the whole file system.



  • 3.  RE: Using Endpoint Agent for Disover scan of Windows File System

    Posted Oct 03, 2012 11:55 PM

    Margaret,

     

    the network discover has a ton of options on scheduling and throttling, this is also where the copy and quarantine (ransom note) comes in also. network discover also cover sql/exchange and sharepoint servers as well.