Data Loss Prevention

 View Only
  • 1.  FTP Monitoring

    Posted Jan 07, 2011 10:56 AM

    Hi Everyone:  My company is looking to implement FTP monitoring.  Does anyone have tips/suggestions to share from their experience of implementing FTP monitoring? 

    Thanks 



  • 2.  RE: FTP Monitoring

    Posted Jan 07, 2011 12:27 PM

    Are you going to be monitoring FTP with Network Monitor or Endpoint Prevent?

    I find that monitoring from Endpoint is the much more useful of the two because if you have an internal FTP server, it will be able to catch those incidents. Also, it's easier to get more user-specific information out of Endpoint. If your company uses an encryption gateway, Endpoint would catch the incidents before they even leave the machine whereas Net Monitor would need to be positioned before the gateway or else you won't be able to catch any of those incidents.

    Other than those suggestions, I've found that it works well and I didn't have any real issues with it. It was pretty straight-forward.

    - xlloyd



  • 3.  RE: FTP Monitoring

    Posted Jan 07, 2011 02:31 PM

    It will be using network monitor.



  • 4.  RE: FTP Monitoring

    Broadcom Employee
    Posted Jan 08, 2011 07:47 AM

    yes, the network monitoring and prevention will meet your need.



  • 5.  RE: FTP Monitoring

    Broadcom Employee
    Posted Jan 12, 2011 09:25 AM

    After adding the Network Monitor on your Enforce Server, click 'Configuration' button of the Network Monitor Server, on the 'Packet Capture' tab, you can enable the FTP protocol:



  • 6.  RE: FTP Monitoring

    Posted Jan 25, 2011 06:55 AM

    Is there an Endpoint agent available for the Linux machine? I am running a Linux FTP Server and it may help pretty much.

     

    Regards,

    Roju.



  • 7.  RE: FTP Monitoring

    Posted Jan 25, 2011 07:51 AM

    Is it that only the FTP server is running Linux and the clients are running Windows or are they all running Linux?

    I don't think that it's a best practice to put an agent on a server but I may be mistaken. In any case, I don't think that there's a client for Linux. I checked the downloads available with my license and saw only a Windows client.

    In your scenario, if you really want to monitor FTP from the server-end rather than the client-end (running Windows clients) or if you have Linux clients...what I'd do is make sure the FTP server is in the DMZ and use a Network Monitor/Prevent server at the intersection of the ingress, egress, and DMZ points.

    That way it'd capture both data leaving the network and data leaving the DMZ...it might put a strain on performance depending on how heavily the servers inside the DMZ are used though.

    I'm no expert though...just my thoughts =]

    Hope that helps
    ~xlloyd.



  • 8.  RE: FTP Monitoring

    Posted Jun 29, 2011 12:41 AM

    Server downtime is no more a problem. Keep your website/server up and working. Monitor Scout, a complete web monitoring solution provider has also launched its services across the globe which will not only give prior notifications but will also help in maintaining server/website health regularly. http://www.monitorscout.com
    please follow this link to sign up for free trial.

    Thanks!