Data Loss Prevention

 View Only
  • 1.  Symantec dlp network monitor

    Posted Feb 03, 2018 11:57 PM

    Do we need to have network monitor in DMZ or it can be internal .  Since network monitor is going to recieve the copy of the outgoing traffic from tap can the network monitor be placed internal (internal firewal) rather than DMZ.



  • 2.  RE: Symantec dlp network monitor

    Posted Feb 04, 2018 06:07 AM
    Hello, It all depends where the core switch is located. You just need to span or tap the outgoing switch traffic to DLP. Hope this helps!


  • 3.  RE: Symantec dlp network monitor

    Trusted Advisor
    Posted Feb 05, 2018 12:27 AM

    Hi,

     It mostly depend on your company rule, but a good one is to say that you need same level of security as network equipemnt which manage span port.

    Just be sure that access to server is secure, as in case of technical issue network monitor may store a copy of emails in plain text format on your server.

     Regards