截屏视频帮助

Access rule on ISA for Symantec Data Loss Prevention (DLP)

创建时间: 19 11 月 2012 • Updated: 21 11 月 2012 | 3 条评论
atif.shafique 的图片
此问题已解决。 请查看解决方案。

Hello Everyone,

I have installed the plug-in available in DLP media on ISA server and also created a rule for communication to network Prevent (Web) server on ISA firewall but communication is not getting established between ISA and Network Prevent machine, can anyone please guide me how to create the access rule?

I am unable to telnet Network prevent server on port 1344 however i can telnet it from other machines on LAN which means problem is with the access rule of ISA. One strange thing is that my configuration on configure web filter utility (ISA machine) is synchronized with DLP enforce server. May be its because configuration is not forwarded to enforce over port 1344.

Need solution!

讨论 归类至以下社区:

评论 条评论跳转至最新评论

yang_zhang 的图片

You need to input the IP address of your Network Prevent for Web into the ISA plugin GUI.

And, defaultly, the Network Prevent for Web is working under Trail Mode, don't forget to un-check it.

If a forum post solves your problem, please flag it as a solution. If you like an article, blog post or download vote it up.
atif.shafique 的图片

Thanks for your reply, i have already configure the IP and port in filter configuration utility installed on ISA, Please confirm me how to configure the access rule which will allow traffic between ISA and network Prevent (Web), right now i can telnet network prevent over port 1344 from local LAN but when i try the same from ISA it doesn't create any session on port 1344 which means problem is with the access rule of ISA firewall.

atif.shafique 的图片

My Issue has been resolved!

Go to your ISA Management

Go to Firewall Policy

On the right hand side, select toolbox, then Protocols.

Click New and add one with 2967 as the port number with no secondary connections.

Then, create a rule from Localhost to the Symantec server(or the other way around or both depending on how it works) on this protocol. You will also need to define the Symantec server as a computer, this can be done in the same location as the new protocol, except in Network Objects.

解决方案