This is a very broad question..
1. To harden the servers, you can harden them as any other server, just do not block the ports that the application uses. These are listed in the admin/install guide.
2. When it comes to policy config, you need to analyze all of the false positives and then add exceptions to the policies so it is not detected. This is where you will need to do a lot of work and update the policy moving forward. There is a lot of work for each policy at first, but overtime it will be less and less.
Make sure to think about using the exceptions so that you are not excluding real events.
------------------------------
Good Luck. - RP
PLEASE MARKED SOLVED WHEN POSSIBLE
------------------------------
Original Message:
Sent: 11-29-2021 05:17 AM
From: Shridhar Shimpi
Subject: what is the best practice for syamntec DLP policy
hi,
we have currently dlp 15.8 setup we need to manage and hardening monitor and DCM base policy .. what is the best practice for the same.. please help.
Regards
ShridharS