Before you install CA DLP endpoint agents, note the following issues.
To simplify mass deployments, you can bulk create new client machine accounts and pre-assign machines to parent servers in advance of the CA DLP rollout. This enables you to deploy multiple client machines using a single source image (which identifies a single parent server) while ensuring that each client machine automatically connects to its 'correct' parent server immediately after installation.
To bulk create new accounts, you use the Account Import feature to import the client machine details from a CSV file.
CA DLP is designed to operate across subnets. If some or all of your client machines are on a separate subnet to your CMS, computer name resolution must work in both directions.
On Windows XP machines, the Client File System Agent requires SP2 or later.
The firewall setting ‘Don’t allow exceptions’ must be turned off on the target machine. For details about CA DLP and this firewall, see the reference below.
Close down all applications that support printing before installing the CPSA, such as Microsoft Office applications. This ensures that the CPSA can detect print jobs sent from these applications. (If an application is already running when you install the CPSA, it will be unable to detect print jobs sent subsequently from that application.)
If you anticipate your users printing .EMF files (a Windows graphics file format) directly from Windows Explorer, you must restart the client machine after installing the CPSA to ensure that it can fully control attempts to print these files.
Internet Explorer 8 and 9 have a safety feature that disables IE extensions when InPrivate Browsing is enabled. Because the CA DLP Internet Explorer endpoint agent is an IE extension, CA DLP integration with IE8 or IE9 is disabled when a user enables InPrivate Browsing on the CA DLP host computer.
We therefore recommend that you disable InPrivate Browsing.
|
Copyright © 2012 CA.
All rights reserved.
|
|