Data Loss Prevention

 View Only

  • 1.  DLP Endpoint Prevent Physical Server Migration to virtual Server

    Posted Aug 18, 2014 02:05 AM

    Hello all, I want to know that can I migrate one of my DLP Endpoint Prevent Server 12.0.1 running on a pysical Server (LINUX OS ) to a virtual Server.

    Is this migration possible gracefully. meaning it will preserve the configurations of the Endpoint Server as in this migration will be smooth and seamless.

    Your early response on this would be highly appreciated. Thanks & Regards

     

     



  • 2.  RE: DLP Endpoint Prevent Physical Server Migration to virtual Server

    Posted Aug 18, 2014 02:15 AM

    This is an urgent query so a prompt response on this would be highly appreciated. Thanks



  • 3.  RE: DLP Endpoint Prevent Physical Server Migration to virtual Server

    Posted Aug 18, 2014 10:10 AM

    Wil you be keeping the same server name (fully qualified domain name) when doing the move?  If so I've found that things continue to work.

     

    Remember configurations for the Endpoint are stored within the database and that's not changing is it?



  • 4.  RE: DLP Endpoint Prevent Physical Server Migration to virtual Server
    Best Answer

    Broadcom Employee
    Posted Aug 18, 2014 10:20 AM

    Johnathan is correct. As long as the endpoints are pointed in DNS by alias that you cna change then as long as the endpoint server has the same keys for communcation then the endpoints wont know the differnce between the physical server and the virtual. Note that the virutal will have a reduced capacity from 10k to about 7k total in 12.0 (in 12.5 this effect is less signifigant). As long as capacity isnt an issue it should be seemless. Just be sure to set the alias to a short time to live during the transition.



  • 5.  RE: DLP Endpoint Prevent Physical Server Migration to virtual Server

    Posted Aug 18, 2014 02:33 PM

    Thanks for the replies. Kindly confirm about the following jjesse and John Gruhn

    By pointed by hostname Do you mean that the hostname of the Endpoint Prevent Server in Agent confguration is mentioned via its hostname and not the IP Address ?

    jjesse

    1. Yes I would be keeping the same FQDN on the virtual server as the Physical Server. Please also tell if I am using a diffrent FQDN than Physical Server that would be the behavior it would be rendring ?
    2. No Database won't be changing ( It is running on a physical Server ) only the Endpoint Prevent would be migrated to the pysical Server

    John Gruhn

    • There are about 1500 DLP Agents so i think Capacity wont be an issue
    • But this migration would be seamless right, once migrated it won't have any adverse effect or any error ?

    Waiting for your replies. Thanks & Regards,

     



  • 6.  RE: DLP Endpoint Prevent Physical Server Migration to virtual Server

    Broadcom Employee
    Posted Aug 18, 2014 03:25 PM
    The endpoints themselves do not care what endpoint server they connect to except for the DNS entry. That entry is only to point the endpoint to where to send and receive data.


  • 7.  RE: DLP Endpoint Prevent Physical Server Migration to virtual Server

    Broadcom Employee
    Posted Aug 18, 2014 03:25 PM
    The endpoints themselves do not care what endpoint server they connect to except for the DNS entry. That entry is only to point the endpoint to where to send and receive data.


  • 8.  RE: DLP Endpoint Prevent Physical Server Migration to virtual Server

    Posted Aug 19, 2014 05:07 AM

    Please follow the below links

    https://www-secure.symantec.com/connect/forums/virtualization-and-minimizing-server-use-dlp-deployment
    https://www-secure.symantec.com/connect/forums/can-dlp-servers-run-vms