ProxySG & Advanced Secure Gateway

Hi Team,

Our ASG 6.7.5.13 is already integrated with CAS400 and works well, now we are planning to integrate a DLP. Is there any recommendations about it, and what can be take into consideration to not impact the performance and mitigate any issue can happen.

Looking forward to your guidance and advice.

Thank you.

Hi
Why have you integrated a CAS with an ASG?  An ASG is basically a ProxySG and a CAS combined.
Original Message:
Sent: 09-22-2021 04:34 AM
From: ITA ISD
Subject: CAS and DLP integration with ASG Proxy

Hi Team,

Our ASG 6.7.5.13 is already integrated with CAS400 and works well, now we are planning to integrate a DLP. Is there any recommendations about it, and what can be take into consideration to not impact the performance and mitigate any issue can happen.

Looking forward to your guidance and advice.

Thank you.

this article is a little old but good to follow for writing VPM policy to send traffic over to DLP 

https://knowledge.broadcom.com/external/article?legacyId=TECH242033

Current DLP Network monitor and prevent performance sizing guidelines recommend 4 NPWs per 256Mbps of traffic. 
https://techdocs.broadcom.com/content/dam/broadcom/techdocs/symantec-security-software/information-security/data-loss-prevention/generated-pdfs/Symantec_DLP_15.8_Network_Monitor_and_Prevent_Performance_Sizing_Guidelines.pdf

So you would need to look at your ASG and how much traffic is running through it to determine how many DLP NPW servers you need.  

Also, I suggest setting up SICAP between the ASG and DLP NPW servers. 






Original Message:
Sent: 09-22-2021 04:34 AM
From: ITA ISD
Subject: CAS and DLP integration with ASG Proxy

Hi Team,

Our ASG 6.7.5.13 is already integrated with CAS400 and works well, now we are planning to integrate a DLP. Is there any recommendations about it, and what can be take into consideration to not impact the performance and mitigate any issue can happen.

Looking forward to your guidance and advice.

Thank you.