Data Loss Prevention

 View Only

  • 1.  DLP Version and Server OS Upgrade

    Posted Dec 05, 2014 02:12 AM

    Hello all , I have a requirement to complete and I Would like all of you to give me your suggestions , recommendations to achieve it succuesfully. 

    Currently following is the DLP infrastructure . Its a three tier infrastructure running 12.0.1 and on linux with the following:

    Requirement is to upgrade DLP to 12.5.1 and RHEL OS 

    • Enforce server 12.0.1 running linux
    • Oracle DB running on a diffrent machine with the supported version 
    • 2 Network Monitor running on linux
    • 3 EDP servers
    • Network Discover/protect
    • Network Prevent Web
    • Network Prevent Email

    all of the detection and enforce server are on RHEL 4.4./4.5.  Now the requirement is to upgrade DLP to 12.5.1 and also upgrade the RHEL OS to either 6.4/6.5.  So I am wondering what is the best ans most optimal way to achieve it. following is the POA which comes into my mind please suggest

    Scenerio1:

    1. Upgrade all of detection servers and enforce  from 12.0.1 > 12.5 > 12.5.1
    2. Once upgrade is succuesful then upgrade the RHEL OS either to 6.4/6.5 
    3. If I upgrade the RHEL OS to 6.4/6.5 would it have any adverse effect on DLP application after upgrading it to latest version ?

    Scenerio2:

    1. Arrange new linux machines already runing RHEL 6.5 
    2. restore all detection servers and enforce server on these new boxes
    3. Once the restore part is done then upgrade DLP 12.0.1 to 12.5 and then to 12.5.1 
    4. Would doing it this way would it break the application or cause any major issue ? 

    Now here is the strange part which is a bit confusing 

    DLP 12.0.1 officially supports RHEL 5.6- 5.9

    DLP 12.5 officially supports RHEL 5.7 - 5.10 and 6.4/6.5

    So if I go with the restoration part then wouldn't DLP 12.0.1 have any compatability issues with RHEL 6.4/6.5 ?

    Secondly can I upgrade the OS in scenerio 1 would it break the application if I upgrade the OS 

    so keeping these two aspects into consideration which scenerio is more feasible to do to accomplish the requirement and if any 1 has some better idea to achieve the requirement then please share it with me.

    Thanks



  • 2.  RE: DLP Version and Server OS Upgrade

    Posted Dec 07, 2014 07:40 PM

    Full backups, then upgrade

    My preference would be getting full backups of Enforce, detection servers, and a full (cold or hot) backup of Oracle. After those are secured, upgrade your servers to RHEL v6.5 via Yum, or whatever method you use. Upgrade Oracle to 11.2.0.4, then upgrade your database. Upgrade Enforce, then push the upgrade to your detection servers. You can do the upgrade like you said, v12.0.1 to v12.5 to v12.5.1. However, you can save some time by skipping v12.5 and upgrade DLP from v12.0.1 to v12.5.1. I don't think upgrading your operating systems will hurt the required RPMs for DLP and Oracle. You can always check them using the system requirements docs. After everything is up, running, and looks good, use Enforce to build new Endpoint install packages and phase in your agent upgrades.



  • 3.  RE: DLP Version and Server OS Upgrade

    Posted Dec 08, 2014 08:49 AM

    I agree with Ethan M posted above.  He posted a great plan.



  • 4.  RE: DLP Version and Server OS Upgrade

    Posted Dec 08, 2014 12:09 PM

    Hello jjesse and Ethan. M thanks for your replies , however I have few doubts would greatly appreciate if you can clarify and help.

    1. Oracle DB still supported by  11.2.0.3 for DLP 12.1.5 so I can still keep using this as the DB right ? 

    2. As mentioned in the release notes upgrade should be from 12.0.1 > 12.5 > 12.5.1 can't skip 12.5 

    3. If I upgrade the current DLP servers running 12.0.1 to 12.5.1  on the machines running on RHEL 5.4/5.5 and once the upgrade happens then update the RHEL 5.4/5.5 to 6.4 would it break anything or there are some other precautionary measure I am also required to take ? 

    4. If I ready new servers running RHEL 6.4 and then simply restore my DLP 12.0.1 enforce/detection servers on it , would it still work ? ( keeping in mind the DLP 12.0.1 doesnt officially support RHEL 6 ) ? which one is more feasible and do-able to achieve the objective without breaking anything ? 

    Regards 



  • 5.  RE: DLP Version and Server OS Upgrade

    Posted Dec 08, 2014 01:01 PM

     

     

    1. Yes, you could stay with 11.2.0.3, if you want

    2. You are already on the v12 release. You should be okay going from v12.0.1 to v12.5.1 and be able to skip v12.5

    3. Unknown. I would first upgrade RHEL to v6.5, then go ahead with the DLP upgrades

    4. This sounds like too much work. 

     



  • 6.  RE: DLP Version and Server OS Upgrade

    Posted Dec 08, 2014 02:50 PM

    So Ethan what I am understand is I should update my current boxes running on RHEL 5.4/5.5 to 6.4 DLP 12.0.1  will rull on RHEL 6.4 ( Altough DLP 12.0.1 does not officialy supports RHEL 6 , it supports RHEL 5.6 - 5.9 ) and once RHEL is upgraded to 6.4 I should update DLP 12.0.1 to 12.5.1 ? is this is how I should go about it ?



  • 7.  RE: DLP Version and Server OS Upgrade

    Posted Dec 08, 2014 03:07 PM

     

     

    Sounds like you got it. Full backups first of DLP servers and the database. Upgrade the operating systems. (optionally) upgrade Oracle, upgrade DLP starting with Enforce.