Data Loss Prevention

 View Only

  • 1.  why Symantec DLP architecture recommended in DMZ

    Posted Aug 21, 2013 08:27 AM

     

    Dear All,
     
    Can anyone explain me a valid reason of implementing Symantec DLP in DMZ as per given architecture. please clarify the pros and cons of the same.


  • 2.  RE: why Symantec DLP architecture recommended in DMZ
    Best Answer

    Posted Aug 21, 2013 11:06 AM

    Hello K S ,

    It’s not DLP that recommends to be installed in DMZ but its the environment that is in DMZ where we basically function.

    This is basically true for the network part of DLP ( Network monitor , E-mail prevent, Web prevent ) and as per the technology this is the end of the network chain where the data is open to the world and hence companies put this portion of the network into DMZ ( Proxy, MTA, or TAP \ SPAN ). Now if the System is in DMZ, DLP has to work within the DMZ only. 

    Please let me know if that answers your quarry.

     

    Thanks,

    Sourav

     



  • 3.  RE: why Symantec DLP architecture recommended in DMZ

    Broadcom Employee
    Posted Aug 21, 2013 02:36 PM

    Hello K S,

    We do not recommend that any DLP servers are exposed to the internet. Once a intruder has access to the server, they could get access to sensative data in the incidents folder. Having said this, many customers have some components deployed in the DMZ. 

    Best,

    Ryan



  • 4.  RE: why Symantec DLP architecture recommended in DMZ

    Posted Aug 23, 2013 04:42 AM

     

    SAM . 

    can u explain more on DMZ. How DMZ helps to potect.?



  • 5.  RE: why Symantec DLP architecture recommended in DMZ

    Posted Aug 23, 2013 08:29 AM

    Hello K S,

    Please check the following link : 

    http://en.wikipedia.org/wiki/DMZ_(computing)

    This has quite a good explaination about DMZ . 



  • 6.  RE: why Symantec DLP architecture recommended in DMZ
    Best Answer

    Trusted Advisor
    Posted Aug 26, 2013 02:10 AM

    hi

     If you dont put DLP components in DMZ this can lead to severe security breach on your IS. More or less a DMZ is used to control who access what inside your infrastrutcure. Firewalls and other network component will allow you to give access to someone on your web servers and he will not be allowed to access other servers (not in the same DMZ) from the first one (of course it is even more true for people who dont have any right sto access the first one).

     DLP database and enforce are use to access incident which contains some sensitive information from your company (by definition) so you need to control who access these servers (and the application also). Network monitor and prevent are usually close to the junction between your IS and the internet so they are very sensitive as they could be used by external intruder thats why they have to be put in DMZ.

     Usually there is already some DMZ in place in your infrastructure and you can use them to put DLP in, it is not mandatory to put DLP servers in a new DMZ (of course a DMZ which contains all your servers is no more a DMZ :) )

     Regards.



  • 7.  RE: why Symantec DLP architecture recommended in DMZ

    Posted Aug 29, 2013 08:18 AM

    Thanks SAM and Stephan for your explaination.

    Can anyone tell me more about implementing some part of DLP in DMZ ? can anyone tell me the strong reason as I am aware of that but expecting something more which can convince me.