Data Loss Prevention

 View Only
  • 1.  DLP-SSIM integration benefit !

    Posted Mar 19, 2012 10:17 AM

    Hi,

    Anyone has integrated SSIM and DLP to each other. What is benefit of that?

     

    Thanks

    AlbertL



  • 2.  RE: DLP-SSIM integration benefit !

    Posted Mar 19, 2012 12:28 PM
      |   view attached

    Hi Albert,

    Please read the below features that both having (DLP and SSIM) , I had also attached the SSIM collector for integrating Symantec DLP. You will get to know all the advantges in details in below Symantec pdf refernce.

    What SSIM does ?Protect business interactions, information and IT infrastructure

    Use comprehensive data correlation to identify and prioritize risks against security threats to reduce incident response time


    2.Reduce cost by standardizing security management and compliance processes

    3.Create a platform to protect against emerging threats, prevent data breaches, report on incidents, and document compliance


    4.Control costs and reduce complexity through continuous security management
     

    1. Optimize enterprise security processes to identify vulnerabilities and protect against attacks.

    DLP tells you when and where sensitive data is vulnerable, SIM tells you which user accounts have accessed the data

    Key BenefitsReduce proliferation of confidential data across enterprise data centers, client systems, remote offices, and end-user machines.


    Identify broken business processes transmitting confidential data.


    Monitor and protect communications of sensitive content to public websites.
     

    Define and deploy universal policies across the enterprise. 

     

    Also find the Procedural guide for Symantec™ Event Collector 4.4 for Symantec DLP Quick Reference

    I Hope you got the answer of your question.

    Regards

    Kishorilal

    Attachment(s)



  • 3.  RE: DLP-SSIM integration benefit !
    Best Answer

    Posted Mar 19, 2012 12:34 PM

    Hi Albert,

     As per Symantec above Symantec document, you will know that because of the role that intrusion-detection point products such as Symantec DLP play in defense-in-depth scenarios, filtering or aggregating these events is not recommended. However, it is possible that systems on a network play a specific role to ensure the security of an organization. This type of role may result in false positives from the device. For example, computers within the network that assess vulnerability risks may use techniques that cause intrusion-detection point products to report that the network is under attack. If you have this type of scenario, you can aggregate the events from that computer. The collector includes the following default filter that is enabled by default: