Data Loss Prevention


A Graphical Guide to Implement Remote EDM Indexing 

Jul 25, 2017 04:33 PM

Consider this scenario: a department needs to protect an account and password table, but the table cannot be handed to the DLP administrator to create the EDM index because it is too sensitive to share with another department.

Remote EDM Indexing enables the owner of the data, rather than the DLP administrator, to index the data on a remote machine.

Here are the graphical steps to implement Remote EDM Indexing.

Assume that the data to be protected is an account/password table like this:

1. First, install the Remote EDM Indexer on the data owner's machine. The Remote EDM Indexer is installed from the same installation program as the other Symantec DLP components. Run ProtectInstaller64_14.6.exe:

2. Choose to install the 'Indexer' only and no other components:

3. The Remote EDM Indexer executable is named RemoteEDMIndexer.exe and is located under SymantecDLP\Protect\bin:

4. From the DLP Enforce console, select 'Manage' - 'Data Profiles' - 'Exact Data':

5. Click 'Add Exact Data Profile':

6. Enter a name for the profile. In the 'Data Source' field, select 'Use This File Name' and enter the name of the index file to create, with the *.edm extension. Enter the number of columns, then select 'Column Separator Char' and 'File Encoding' accordingly:

7. Do not select any Indexing option; click 'Finish' to complete the profile creation process:

8. Download the EDM profile by clicking the 'download profile' link:

9. Save the EDM profile as a file with the *.edm extension:

10. Assume there are three folders: 'account-password-source' for the source file to be protected, 'account-password-index' for the EDM profile file downloaded in step 9, and 'account-password-index-result' for the result of remote EDM indexing:

11. Copy the source file to be protected into the 'account-password-source' folder:

12. Copy the EDM profile file downloaded in step 9 into the 'account-password-index' folder:

13. Open a Windows command prompt (cmd), change to the directory where the Remote EDM Indexer is installed, and run this command to generate the remote index files:

RemoteEDMIndexer.exe -data=C:\account-password-source\account-password.txt -profile=C:\account-password-index\account-password.edm -result=C:\account-password-index-result

Confirm that the command ran successfully:

14. After the indexing process completes, the Remote EDM Indexer generates several files in the specified result directory. These files are named after the data file that was indexed; one file has the .pdx extension and the others have the .rdx extension. The system generates 12 .rdx files:

15. Copy all the index files with .pdx and .rdx extensions to the index directory on the Enforce Server, which is located at \SymantecDLP\Protect\Index:

16. From the DLP Enforce console, select 'Manage' - 'Data Profiles' - 'Exact Data' and click the name of the Exact Data Profile used with the Remote EDM Indexer. In the 'Data Source' field, select 'Load Externally Generated Index'; in the 'Indexing' field, select 'Submit Indexing Job on Save'; then click the 'Save' button:

17. Finally, you can add this EDM rule to a detection policy:
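
Steps 13 to 15 can be scripted so that only verified index files leave the data owner's machine. The following PowerShell is an added example, not part of the original article or of Symantec's tooling; the install drive, the Enforce index path (a placeholder), the exit-code check and the file-name patterns are assumptions to adjust for your environment.

```powershell
# Added example: automates steps 13-15 with checks between them.
$ErrorActionPreference = 'Stop'

$IndexerDir  = 'C:\SymantecDLP\Protect\bin'   # assumption: installed on C:
$DataFile    = 'C:\account-password-source\account-password.txt'
$ProfileFile = 'C:\account-password-index\account-password.edm'
$ResultDir   = 'C:\account-password-index-result'
$EnforceIndexDir = '\\ENFORCE-PLACEHOLDER\SymantecDLP\Protect\Index'  # placeholder path
$ExpectedRdx = 12                             # count stated in step 14

# Pre-flight: inputs exist and the result folder is empty, so that stale
# index files from an earlier run cannot be shipped by mistake.
foreach ($p in $DataFile, $ProfileFile, $ResultDir, $EnforceIndexDir) {
    if (-not (Test-Path -LiteralPath $p)) { throw "Missing path: $p" }
}
if (Get-ChildItem -LiteralPath $ResultDir -File) {
    throw "Result folder is not empty: $ResultDir"
}

# Step 13: run the indexer with the three arguments shown in the article.
$indexer = Join-Path $IndexerDir 'RemoteEDMIndexer.exe'
& $indexer "-data=$DataFile" "-profile=$ProfileFile" "-result=$ResultDir"
# Assumption: a non-zero exit code means the run failed.
if ($LASTEXITCODE -ne 0) { throw "RemoteEDMIndexer.exe exited with $LASTEXITCODE" }

# Step 14: expect exactly one .pdx file, 12 .rdx files, and nothing else.
# The patterns tolerate a suffix after the extension (assumption).
$files = @(Get-ChildItem -LiteralPath $ResultDir -File)
$pdx   = @($files | Where-Object { $_.Name -like '*.pdx*' })
$rdx   = @($files | Where-Object { $_.Name -like '*.rdx*' })
$other = @($files | Where-Object { $_.Name -notlike '*.pdx*' -and $_.Name -notlike '*.rdx*' })
if ($pdx.Count -ne 1 -or $rdx.Count -ne $ExpectedRdx) {
    throw "Expected 1 .pdx and $ExpectedRdx .rdx files, found $($pdx.Count) and $($rdx.Count)"
}
if ($other.Count -gt 0) {
    throw "Unexpected files in result folder: $($other.Name -join ', ')"
}

# Step 15: copy only the index files (never the source table) and confirm
# each copy by SHA-256 before reporting success.
foreach ($f in $pdx + $rdx) {
    $dest = Join-Path $EnforceIndexDir $f.Name
    Copy-Item -LiteralPath $f.FullName -Destination $dest
    $src = (Get-FileHash -LiteralPath $f.FullName -Algorithm SHA256).Hash
    $dst = (Get-FileHash -LiteralPath $dest -Algorithm SHA256).Hash
    if ($src -ne $dst) { throw "Hash mismatch after copy: $($f.Name)" }
}
"Copied $($pdx.Count + $rdx.Count) index files to $EnforceIndexDir"
```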

Comments

Aug 22, 2018 11:50 PM

Hi yang_zhang, Nice and very informative article. Thanks for sharing.

Waqar
