Data Loss Prevention

 View Only
  • 1.  Corrupt Office 2007 Attachments

    Posted Mar 21, 2012 02:43 PM

    Hi All,

    We use Symantec DLP (Vontu) 11 and a large portion of the Office 2007 attachments in our incidents are corrupt.  They are of type docx, pptx, and xlsx, and when opened the following message appears: "The file name.xxxx cannot be opened because there are problems with the contents", followed by "The file is corrupt and cannot be opened" in the Details section.  Even upon review of the incident it's obvious the file is corrupt without looking at the attachment because the Office 2007 file is detected as a Zip archive.  No amount of file maintenance from the desktop can recover the file, so we assume it's a Vontu issue.

    Has anyone experienced this issue and managed to resolve it?

    Thanks.



  • 2.  RE: Corrupt Office 2007 Attachments

    Posted Mar 22, 2012 12:48 AM

    hI mordoc

     

    please check first , what is ur Office ver 2003 or 2007 or 2010. since ther are some compatibility issue while file opened and possibility of above problem coames.



  • 3.  RE: Corrupt Office 2007 Attachments

    Posted Mar 24, 2012 11:23 AM

    Hi Murdoch07,

    Please check your incident wtiter service and packet capture library. If both are working then need some other solution. You can check this first . and let me know the status and read the below.

     

    You can use three different methods to capture the network traffic that is acquired
    by a SPAN or tap:
    ■ NIC on a Windows platform. Windows platforms using a NIC for packet capture
    require a WinPcap library on the Network Monitor Server host. If WinPcap is
    not already on the Network Monitor Server host, you must install it. See the
    Symantec Data Loss Prevention System Requirements and Compatibility Guide
    for information about the supported version of the WinPcap library.
    See “Installing WinPcap on a Windows platform” on page 806.
     
    ■ NIC on a Linux platform. Linux platforms using a NIC use native Linux packet
    capture which requires PACKET_MMAP support in the kernel. Support for
    PACKET_MMAP is included by default in supported Linux kernels.
     
    ■ Endace card on either Windows or Linux platforms. An Endace DAG network
    measurement card can be used on both Windows and Linux platforms to
    provide network packet capture in high-traffic environments. See the Symantec
    Data Loss Prevention System Requirements and Compatibility Guide for
    information about supported Endace cards and drivers.