Intel,Altiris Group

Hi,

Can anybody provide me the list of Database Servers (with version numbers) which can be scanned by Vontu DLP 9.0?

Please see below the support in version 9.

Hope this is useful.

Steve Randall

The File Systems (Server) target supports scanning of the following network file
shares:
■ CIFS
■ NFS
■ DFS
■ Any other file shares that can be mounted by the Network Discover Server
■ Microsoft Outlook Personal Folders (.pst files) created with Outlook 1997-2002,
2003, and 2007.
The Network Discover Server scanning this target must be running a Windows
operating system, and Outlook 2003 SP3 or later must be installed there.
■ File systems on UNIX systems can also be scanned using the SFTP protocol,
to provide a method similar to scanning of file shares.

Supported Lotus Notes Targets
The Lotus Notes target supports scanning of the following versions:
■ Lotus Notes 6.5
■ Lotus Notes 7
■ Lotus Notes 8
■ Domino Servers
       Both DIIOP and native configuration options are supported.
       The files Notes.jar and NCSO.jar are in the Domino server installation directory.
       The manifest version number of these files depend on the Domino server version.
■ Version 6.5 has 1.3.1
■ Version 7.0 has 1.4.2
■ Version 8.0 has 1.5.0


Supported SQL Database Targets
The following SQL Databases have been tested with Discover Target scans:
■ Oracle 10 (the vendor_name is oracle)
■ SQL Server 2005 (the vendor_name is sqlserver)
■ DB2 9 (the vendor_name is db2)
SQL Database targets should work for any SQL database with a JDBC or an ODBC
driver.


Supported File System (Scanner) Targets
Remote Windows servers can be scanned.
The following Linux file systems can be scanned:
■ x86 32-bit, Red Hat Enterprise Linux AS 3
■ x86 32-bit, Red Hat Enterprise Linux AS 4
■ x86 64-bit, Red Hat Enterprise Linux AS 4
■ x86 32-bit, SUSE 8
■ x86 32-bit, SUSE 9
■ x86 64-bit, SUSE 9
■ x86 64-bit, SUSE 10

The following AIX file systems can be scanned:
■ AIX 5.2
■ AIX 5.3, or higher

The following Solaris file systems can be scanned:
■ Solaris SPARC 8
■ Solaris SPARC 9
■ Solaris SPARC 10
■ x86 32-bit Solaris 10
■ x86 64-bit Solaris 10
File systems on UNIX systems can also be scanned using the SFTP protocol, to
provide a method similar to share-based file scanning, instead of using the File
System Scanner.


Supported Microsoft Exchange (Scanner) Targets
The Exchange scanner supports scanning of the following targets:
■ Microsoft Exchange Server version 5.0, or higher
■ Microsoft Exchange Server 2000
■ Microsoft Exchange Server 2007
■ Outlook97, Outlook98, or Outlook2000 with the optional connection to
Exchange configured

The Exchange scan includes email message text and email file attachments from
the client's mailbox, and scans the content of compressed files. The Exchange
scanner does not, however, target mail that is stored in Personal Folders (.pst
files) or offline folders (.ost). Nor does it monitor inbound or outbound messages
that are sent by MAPI, SMTP, POP3, or HTML Web mail. POP3 or HTML Web mail
scan types can be handled with other products of Symantec Data Loss Prevention.
Supported SharePoint (Scanner) Targets


The following SharePoint targets are supported for scanners:
■ SharePoint 2007
■ SharePoint 2003


Supported Documentum (Scanner) Targets
The Documentum scanner supports scanning of the following Documentum
repositories:
■ Documentum Content Server 4.2.x
■ Documentum Content Server 5.2.x
■ Documentum Content Server 5.3.x


Supported Livelink (Scanner) Targets
The Livelink scanner supports scanning of the following targets:
■ Livelink Server 9.x.


Supported Web Server (Scanner) Targets
The Web Server scanner supports scanning of any http site with read access.

Thanks a lot Steve. The information was very helpful.

I have one more question. We have requirement to know the Symantec DLP's Scanning speed on any repositories in terms of KB/sec. I do know that the speed depends on other factors such as Network bandwidth, Server capacity etc. But we need at least on scenario with which the scanning speed could be defined.

It will be a great help if it is possible to provide this information.

Thanks in Advance.

-Naren

You can limit the speed or the amount of files you scan when you define the discover target.  So it could be a specific KB/sec or a specifc amount of files at one tiem you scan.

hope that helps

Thank you for the response.

Please help me on this.

We have a huge repository of 10 TB and we have to complete the scanning within 35 days.


So we have following questions:


1. What is the scan speed of Vontu? i.e. How much GB of data it can scan per hour?

2. What is the best possible architecture we should follow to achieve above challenge of scanning 10 TB in 35 days!!!!!!!!


Appreciate your help.

What else do you have happening on the discover server?

Have you limited the amount of files that are being scanned at one time or the bandwidth that is available?

What is the communication between the discover server and the discover target?

Network issues?

Are you blocking the scann from happening during certain times such as a backup window or maintenance peroid?

As you can see there are a ton of questions that can help define how fast this works

Jesse,

Answers for your questions.

Have you limited the amount of files that are being scanned at one time or the bandwidth that is available?
No. We want to scan the as maximum amount of data as Vontu can scan.

What is the communication between the discover server and the discover target?
I am not sure of it. What if we are using only one Discover server to scan only one target of 1TB of data, how long will it take to complete the scanning (assuming there are no Network issues).

Network issues?
No (if you are asking about Network speed, its 100 Mb/s)

Are you blocking the scann from happening during certain times such as a backup window or maintenance peroid?
We have 16 hours per day for scanning. We are thinking of pausing the scan at  other times.

Basically, what i am expecting is the scanning speed interms of KB/s under an ideal scinario.

Hope i have conveyed my question properly.

Thanks for responses Jesse.

Hi,
Does anybody knows if DLP 9 supports
1) Siebel version 7.5 and version 8
2) Priority ERP version 12.

Regards,
Shimi.

What we have seen in production implementations this can be a wide range and we typically can see about 1 TB /day. This is if there is only 1 server doing the work. Since Symantec DLP is a distributed platform we can scale this up or down and incorporate multi threads and multiple servers to increase the speed if necessary.

Since you plan on using scan windows this may take a little longer. Keep in mind that youmay want to take a more targeted approach to scanning file servers, for when you get all of the incidients you will need to go through each one. Typically you would not want to scan a WHOLE server at once and then have to deal with 100's-1000's, you should target directories one at a time.

This way you can manage the influx on incidents better and also build a better workflo process on how to handle the different incidents.

Keep in mind that there is no specific scan speed that we can quote, for this depends on many different factors.

- Connection Speed
- Bandwidth Availability
- Type of files/data being scanned
- Sizing of the servers on both ends

Hope this helps..
Ronak

Shimi,

We have tested the DB scanner on DB2, MSSQL, and Oracle DB's.

The Symantec solution can scan most JDBC compliant DB's. All that needs to be done is to load the JDBC drivers for those DB's on to the DLP system so it can connect naitively.

In most cases we have not seen a DB that uses JDBC that we cannot scan.

More information on how to configure the DB scanner and load the JDBC drivers is included in the DLP Admin guide. We demonstrate how to configure the JTDS open source driver to scan MSSQL. The JTDS is an open source driver for Microsoft SQL Server (6.5, 7, 2000, 2005 and 2008) and Sybase (10, 11, 12, 15). This would be simlar to installing a different JDBC driver to connect to the mentioned DB's.

Specifically around Siebel: You should need to just load the dirvers for us to scan that traget and make sure the configuration is correct.

For Prority ERP: It all depends on the Backend DB that it uses. It can use Oracle, MSSQL, and "Tabula" (priority's own). We can already scan MSSQL and Oracle, the question is if Tabula has a jdbc dirver which you can load onto the system.

Ronak