Data Loss Prevention

Just have few queries regarding a POC we are going to conduct at client.

Below are the components as per BOQ.

1. Symantec DLP Suite
2. Symantec Endpoint Encryption
3. Symantec Encryption Desktop
4. Symantec Encryption Management Server
5. Symantec Encryption Email Gateway

As per our discussion with client, we are going to conduct DLP/Encryption POC for the following enterprise segments.

1. Endpoint
2. Storage

We are not going to cover Network element to avoid any issue with their production environment.

We have planned following POC scenarios to present DLP/Encryption solution.

1. Endpoint
   1. USB/DVD copy
   2. Outlook
   3. Webmail
   4. FTP
2. Storage
   1. File Server
   2. SQL DB

We need to know how we can present DLP+Encryption POC for the above mentioned scenarios. Below are some of the queries we have regarding the same. I would appreciate if you can share your expert comment and feedback.

• Which components of Encryption can be integrated with DLP at endpoint and storage segments?
• Do we have to make any manual configuration for SEE integration with DLP so that we can define policy response rule to encrypt the sensitive data?
• We have to present a scenario where user will send an email using Outlook with attachment of sensitive information (Excel file) or pasting the sensitive information in email body. How we can present encryption response in this scenario?
• Do we have to have Encryption Management server beside SEE server to sign/encrypt the files using public and private keys or can we do it without Management server for POC?

Anyone??

Atif,

Here is my .02, i would stay away from email encryption as this requires changes in  mail flow and integration with email proxies which invlove change control for a 2 week project. if i was a exchange admin i would fit this tooth and nail.

As for the SEE, are you reffering to Symantec Endpoint Encryption? i would avoid this it is goins EOS this year. you want Symantec Encryption Powered by PGP. THis will do drive encryption, AKA Whole Disk Encryption.

http://www.symantec.com/encryption

I have attached the docs i have for the DLP PGP and message gateway encryption, look at them this will tell you how to configure policies and response rules

I also have attached the PGP install and admin guides for your review...

let me know if you have any questions...

Attachment(s)

IS%20L05_0.pdf   938 KB 1 version

symcEncrMgmtServer_330_adminguide_en_0.pdf   1.79 MB 1 version

IS%20L05_Slides_0_0.pdf   277 KB 1 version

Symantec Gateway Email Encryption and Symantec Data Loss ...pdf   472 KB 1 version

symcEncrMgmtServer_330_installguide_en_0.pdf   766 KB 1 version

Hi Stumunro,

Thanks for your feedback. You are right about avoiding Email encryption scenario due to various dependencies and integrations.

Will be great if you can suggest which encryption scenarios we can present for a POC on endpoint without any major configurations requirements with the products mentioned in BOQ.

Regards

Atif,

I would find a test machine to setup disk encryption with, i would avoid production just incase there is a an issue. it will take 30 to 45 mins to spin  up the virtual, bind to ad and push out a package.

I would also suggest the same as file share also find a test server and encrypt the drive let the client play with it and see how it works. As for the integration into DLP basically PGP updates the incident on the enforce server so you only have to look in one place to see if the email was encrypted. Let me know if you have any more questions.