Data Loss Prevention

 View Only

  • 1.  SYMANTEC DLP SIZING

    Posted Feb 06, 2020 05:43 AM

    Hi All,

    We are currently running DLP 14.6 & want to upgrade to 15.0.

    CURRENT SERVER CONFIGURATION:

    DLP SERVER & NAME Drives CPU/Cores Memory
           
    Enforce Server C: 50GB;D:100GB 2 12
    Network Prevent for Email-1 C: 50GB;D:100GB 2 8
    Network Prevent for Email-2 C: 50GB;D:100GB 2 8
    Network Prevent for Email-3 C: 50GB;D:100GB 2 8
    Network Prevent for Email C: 100GB;E:180GB 2 16
    Network Monitor C: 100GB;E:180GB 1 16
    Network Monitor C: 100GB;E:180GB 1 16
    Network Discover C: 50GB;E:90GB 2 8
    Endpoint Prevent/ Discover C: 50GB;E:90GB 2 8
    Network Prevent for Web C: 50GB;D:100GB 2 8
    Network Prevent for Email Cloud Host

     As per best practices what can be the recommended configuration as we are running 22000 users.

    Regard's

    Muhammad Bilal Raza



  • 2.  RE: SYMANTEC DLP SIZING
    Best Answer

    Posted Feb 06, 2020 10:47 AM

    Hi Zargham,

     

    I suggest you to follow the system requirement for symnatec DLP Link: https://support.symantec.com/us/en/article.doc10602.html

     

    the guide can help you to size your server based on smally medium and large enterprise.

     

    I sugest you can go with with medium /large sizing, but seeing your configuration you can go with medium enterpise sizing.

     

    Regards

    Satyajeet Anand



  • 3.  RE: SYMANTEC DLP SIZING

    Posted Feb 07, 2020 02:34 AM

    Do you have any custom sizing document?



  • 4.  RE: SYMANTEC DLP SIZING

    Broadcom Employee
    Posted Apr 06, 2020 04:20 AM
    sizing guide is here but not sure how many servers are required for network bandwidth for specific data type and protocol those are under monitoring for detection.
    https://symwisedownload.symantec.com/resources/sites/SYMWISE/content/live/DOCUMENTATION/10000/DOC10602/en_US/Symantec_DLP_15.7_System_Requirements_Guide.pdf?__gda__=1584236304_07393ef12de8d3be31bebc47894aa301
    Original Message


  • 5.  RE: SYMANTEC DLP SIZING

    Posted Apr 06, 2020 03:26 PM
    Does anyone have any guides or recommendatikons on adding a server(s) the DLP WEB and making it a cluster to handle more traffic?

    ------------------------------
    Randolph Brooks Federal Credit Union
    ------------------------------

    Original Message


  • 6.  RE: SYMANTEC DLP SIZING

    Posted Apr 07, 2020 04:30 AM
    Hi ddozier 

    You can add as many servers as you want , but in order to load balance between them use the proxy to do that 
    which proxy are you using. 

    this article may help with the sizing 
    https://knowledge.broadcom.com/external/article?legacyId=tech218934 

    Thanks

    ------------------------------
    Fady Azab
    Senior Consultant
    CCIT GMBH
    ------------------------------

    Original Message


  • 7.  RE: SYMANTEC DLP SIZING

    Posted Apr 07, 2020 09:57 AM

    we use the BlueCoats, our problem is we have 4 proxies going through one DLP Web prevent server and it is running at about 98% durin peak times and 65-80% during non-peak.


    Respectfully,

     

    Darren Dozier

    Information Security Analyst II

    desk: 210-6374583

    cell: 210-394-2748

    ddozier@rbfcu.org

    Randolph Brooks Federal Credit Union (ASC 1)

     

     




    Original Message


  • 8.  RE: SYMANTEC DLP SIZING

    Posted Apr 14, 2020 05:25 AM
    Hi 

    i think you need to add more DLP Web Servers , you can add one for each proxy , or you can add an ICAP service and add on it all the DLP servers so each proxy will load balance the traffic between all the DLP Web Servers 

    Thanks

    ------------------------------
    Fady Azab
    Senior Consultant
    CCIT GMBH
    ------------------------------

    Original Message