Data Loss Prevention

Hi,

Can some one please help me with the below;

I am trying to scan Linux Red Hat machines using SFTP client (WebDrive). The scan completes in few seconds and on review I have noticed that the content in (/root) directory is only being scanned and other directories are not mounted. The system should take / as initial directory.

I have checked the SFTP settings and the initial directory is set to /

Is there any thing I am missing which can help me run the scan on entire Linux box.

Thanks,

Haseeb

check these links

https://www-secure.symantec.com/connect/forums/dlp-scans-linux-servers

https://www-secure.symantec.com/connect/forums/can-dlp-monitor-or-block-sftp-and-ftps-traffic

The best way to look at this is to use the Windows WebDrive application and have it mount the linux Server.

Then from the Windows server look at the mounted drive and see what it looks like. The DLP Discover server is going to treat the SFTP linux mount as a typical Windows Share. So it will need to 'look' the same as a windows share/directory.

Look at the mounted Linux server and see how it looks in Windows.

Keep in mind that there might be an issue with how 'mounted' Linux Drives look to an SFTP mounted servers...this is probably the issue.

The issue might be that the 'mounted' dreives on the Linux servers look like Windows "links" so we will not follow them. There might be an undocumented configuration on making a Discvoer Server follow Windows "links". You will need to contact SYMC support on that.

Take a look at the enclosed document I wrote on using the WebDrive application.

Hope this makes sense.

If this solves your questions please marked as solved.

Ronak

Attachment(s)

WebDrive Application Installation_0.docx   150 KB 1 version