Data Loss Prevention

Dear,

At the moment my dlp infrastruture is a three tier deployment with one endpoint server for aprox. 3000 computer divide in a local site and several branch office.

Each bandwidth of this branch office is 4 megas , and the the local site has a bandwidth of 20 megas.

The local site has aprox, a 1800 computer and the each branch office has aprox 40 computer.

The endpoint server have 20 policy using a IDM, keywords and regular expressions

My idea is take a endpoind server for each branch office or agroup several branch office for on one endpoint server

And my questions about are

Its possibe to use a server with a role of file server for a endpoint server 

For 40 computer how is the hardware necessary for a deloy a endpoint server

I have to create one agent package for endpoint server

Its possible later via enforce change some computer to other endpoint server in case this is shoutdown

The last year the bandwith has present a saturation and shoutdown the enpoint server and i like the prevent this episode again using a local endpoint for the process of all the policy and later only send the result to the enforce server

Hi Tokyo,

There are no recommendations about what type of server to use as an endpoint server. If you want to use a file server, then bear in mind what will happen to your agent communications when the file server is restarted, or corrupted. I've done this with other applications, but having multiple roles on 1 server can lead to unexpected downtime if you have to take the file server down. If that is the only server you have, then it should be fine.

The Scalability Guide should assist you in sizing your server accordingly:

https://support.symantec.com/en_US/article.DOC8789.html

Something else to read up on:

https://support.symantec.com/en_US/article.DOC10602.html

It is also possible to move agents to another Enforce server, so follow the TN below:

https://support.symantec.com/en_US/article.TECH249457.html

Thanks!