Can I securely transfer data from a database direct to the EDM process?
Last Updated June 19, 2008
Secure data transfer
Relevant versions: 7.1 and up
Symantec DLP does have some current functionality that 'may' address at least some of the issue.
Symantec DLP 7.1 Utilities Guide* discusses the SQLPreindexer and the Remote EDM Indexer
SQLPreindexer The SQLPreindexer utility is always used in conjunction with the Remote EDM Indexer utility. It is installed in the Vontu\Protect\bin directory during installation of the Remote EDM Indexer. The SQLPreindexer utility generates an index directly from a SQL database. It processes the database query and then pipes it to the Remote EDM Indexer utility described in “Remote EDM Indexer” on page 27. Be sure to read the chapter about the Remote EDM Indexer before running the SQLPreindexer since the two utilities are used together.
NOTE: The rows of data that are listed in the error file are not encrypted so the error file should be safeguarded to minimize any security risk from data exposure.
Remote EDM Indexer The Remote EDM Indexer is a utility provided by Symantec DLP to convert a comma-separated value or tab-delimited datafile to an exact data matching index. The Remote EDM Indexer is the same EDM Indexer used by the Enforce Server except it is designed to be installed on a machine that is not part of the Symantec DLP server configuration. The SQLPreindexer is often used in conjunction with the Remote EDM Indexer. The SQLPreindexer is used to run SQL queries against SQL databases and pass the resulting data to the Remote EDM Indexer.
Using the Remote EDM Indexer to index a data source on a remote machine offers the following advantages:
An additional layer of security is maintained by enabling the owner of the data to index the data instead of the Symantec DLP administrator
The system load generated by indexing is shifted to another machine freeing the CPU and RAM on the Enforce Server for other Vontu tasks
Note the following information:
For maximum security, the, SQLPreindexer and the Remote EDM Indexer should be located in the same location as the DB box.
If the SQLPreindexer is not in the same location, then the data of the SQL database would be transferred in an unsecure pipe.
*For versions of Symantec DLP after 10.5, these details are included in the Symantec DLP Administrator Guide.
Imported Document ID: TECH221812
Subscribing will provide email updates when this Article is updated. Login is required to Subscribe