Data Loss Prevention

 View Only
  • 1.  what is the best practice for syamntec DLP policy

    Posted Nov 29, 2021 05:17 AM
    hi,

    we have currently dlp 15.8 setup we need to manage and hardening monitor and DCM base policy .. what is the best practice for the same.. please help.

    Regards
    ShridharS



  • 2.  RE: what is the best practice for syamntec DLP policy

    Trusted Advisor
    Posted Nov 30, 2021 01:26 PM
    This is a very broad question..

    1. To harden the servers, you can harden them as any other server, just do not block the ports that the application uses. These are listed in the admin/install guide.
    2. When it comes to policy config, you need to analyze all of the false positives and then add exceptions to the policies so it is not detected. This is where you will need to do a lot of work and update the policy moving forward. There is a lot of work for each policy at first, but overtime it will be less and less.

    Make sure to think about using the exceptions so that you are not excluding real events.


    ------------------------------
    Good Luck. - RP
    PLEASE MARKED SOLVED WHEN POSSIBLE
    ------------------------------