Lind311 -
I have made a couple of assumptions.
1) you are in the DLP (Data Loss Prevention) console and completed the configuration to 'hook' SDI (Symantec DataInsght) to allow query of data from SDI to be called from DLP.
2) you have no problems with the DLP side of the equation
3) you need to allow access into SDI from DLP for the plugin to work.
This works on the concept that SDI has the access data for the files in question and the DLP product contains the incident data for the individual files and they share between the applications.
You will require certain information to complete this on both sides as each application needs independent configuration to allow them to work in unison.
•Collect information:
–Data Insight console address
–authorized user credentials
–detail information desired to retrieve per file
•Configure Data Insight communications link *Note this article stops here to confirm we are properly configured to this point *
•Configure DLP custom attributes
•Configure lookup plugin chain
•Configure lookup plugin map
Correct anything that was not done on DLP in sequence:
- Login to console
- Roll-over System to get the window to popup the menu
- Click on Credentials
- Click on Add Credential
- Name the Credential
- Enter Credentials
–Domain\username * Note: these must exist on the SDI server and be a valid user
Still on the same DLP console:
- Roll-over System to get the window to popup the menu
- Click on Data Insight
- Click on configure
- Enter Host Name
- Default port is 443
- Click Retrieve Certificate
- Verify Certificate Info.
- Click Yes to trust
In the bottom of the same page you need to add the credential to the SDI server. This must exist and be a valid user with proper permissions in SDI.
- Select the Data Insight Credential
- Click Test Connection
- Successful test message should return
Did it return a successful message?
It should look like this (Note: newer version, old version is a popup)
Were there credentials in the drop down list for you to select?
If this was all correct then please let us know and we will move to the creation of the custom attributes (needed as place holders for the SDI data) and the configuration of the plugin (Plugins.properties file on the DLP Enforce server located in /Vontu/Protect/config) to allow the 'sharing' of the data between the applications.
Example custom attributes -
Data Owner
Data User
Data User Reads
Data User Writes
Last Access
Data User 2
Data User 3
The properties file is full of remarks by default and MUST be edited for configuration to be completed. Loading requires a restart and you should see an entry in your log (Default - \Vontu\Protect\logs\tomcat\localhost.yyyy-mm-dd.log) indicating the lookup for DataInsight was loaded. Scans must be completed after the configuration is complete for proper reporting.
Note: normally the Symantec Consultant or Technical Program Manager for your account would have completed these steps for you upon install but you inidicated this was a long standing installation and you were adding a configuration. Please post your versions of SDI and DLP upon your reply so the instructions can be geared to the applicable console clicks.
Note: the latest patch version of SDI is available for download here - https://sort.symantec.com/patch/detail/6546
I look forward to your reply and we can move you forward after we have confirmed the applications have the required interaction.
We can do this interactivey via Symantec Technical Support if you want to have a support case opened.
Rod