Data Loss Prevention

 View Only
  • 1.  Verify DLP agent installation

    Posted May 15, 2012 12:18 AM

    Hi,

    How to verify the DLP Agent is installed and configured correctly to communicate with Endpoint server. Is there a way for desktop syst admin to verify this?



  • 2.  RE: Verify DLP agent installation
    Best Answer

    Broadcom Employee
    Posted May 15, 2012 12:41 AM

    check the Article ID: 54753

    If the Endpoint agent is not installed or services are not started then the results for netstat will return no results.

    If your Endpoint server IP address is, 192.168.2.52  You can perform the following telnet test from a endpoint agent that is not checking in.


    open a Command window:

    telnet 192.168.2.52 8000

    <If the port is open, this command should take you to a blank screen, if it is blocked you will receive a connection refused message>


    Another good test you can perform from the Endpoint Agent is a netstat test which will show you what ports are connected/established or listening.
    The endpoint server should be listening on port 8000 (0.0.0.0:8000 LISTENING),  The endpoint agent, if connected will show ESTABLISHED on port 8000

    Example From Endpoint server:  

    <Endpoint Server> C:\>netstat -aon | find "8000"
      TCP    0.0.0.0:8000                0.0.0.0:0                         LISTENING       2192
      TCP    192.168.2.52:8000      192.168.2.53:1433      ESTABLISHED     2192
      TCP    192.168.2.52:8000      192.168.2.54:49306     ESTABLISHED     2192
      TCP    192.168.2.52:8000      192.168.2.55:49160     ESTABLISHED     2192


    <The endpoint server example above shows that the server is listening on port 8000, and that 3 Endpoint Agents are ESTABLISHED (192.168.2.53,54,55)>


    You can perform the same test from the Endpoint Agent. Here are the type results you "should" see if the agent is connected.

    <Endpoint Agent> C:\>netstat -aon | find "8000"
      TCP    192.168.2.53:1433      192.168.2.52:8000      ESTABLISHED     2016


     



  • 3.  RE: Verify DLP agent installation

    Broadcom Employee
    Posted May 15, 2012 01:20 AM

    Also if the DLP endpoint installed will have service named "EDPA" & "WDP", you can verify in services.msc.