Data Loss Prevention

 View Only

  • 1.  Migrate from Single Tier to Three Tier

    Posted May 15, 2017 12:36 AM

    Hello all,

    I currently have a pilot implementation of DLP where I've setup a single tier architecture of DLP. Now we're planning to expand the setup and move to Three Tier architecture. What would be the best possible approach.

    1. Fresh three tier installation and moving agents to new server?

    2. Migrate existing database and policies on new server? Is it possible to migrate database from single tier server to three tier? What all things I will have to consider in this case?

    Also, the existing setup is v14.5. I was thinking of moving to v14.6 for new installation.

    Kindly assist.



  • 2.  RE: Migrate from Single Tier to Three Tier

    Posted May 15, 2017 11:48 AM

    Depending on the resources the current box has, ideally the Strategy should be to retain Oracle on the same box and move Enforce & Detection Servers to separate boxes.

    Please check the below KB to move Enforce, later Detection server/s could be added:

    http://www.symantec.com/docs/TECH219472



  • 3.  RE: Migrate from Single Tier to Three Tier

    Trusted Advisor
    Posted Jun 05, 2017 05:46 PM

    Rohit,

    You can take a few different approaches.

    Remember that 95% of the data is stored in the DB!

    How many agents do you have?? This question is important if this is too much trouble cause you will need to uninstall and install a new agent to point to the NEW Endpoint server name. If you used an IP address as part of the agent install, then I would think about keeping the current server as part of the NEW architecture. This can be resolved by pointing the agents to a new Endpoint server too.

    Otherwise I would do the following:

    1. Upgrade the system to 14.6
    2. Install a 14.6 New Endpoint Server
      1. In the Enforce console, add this to the system
      2. Point All of the Agents to this NEW Endpoint Server
      3. Add this server to the policy groups.
      4. Make sure this completes on all of the agents before moving forward and is working.
    3. Leave the DB as it is and use the existing box as the Oracle Server.
      1. Backup config, keys, plugins, and index directory.
      2. Uninstall the DLP SW, but make sure to create the Backup Package
    4. Install a New 14.6 Server for the Enforce Console and DO NOT initialze the DB and use the Backup Package.
      1. This will then allow you to KEEP all of the data as it is.
      2. Restore files as needed (plugins, Indexes etc)
    5. Once everything is validated
      1. Remove the OLD endpoint server from the system list.

     

    Good luck

    Ronak