As with user administration, machine administration involves a number of post-deployment tasks, before you deploy CA DLP across your organization, and also routine maintenance of your machine accounts to reflect changing business needs.
Before rolling out CA DLP across your organization, you need to configure your CMS policy, and the common client and gateway policies (these common policies are applied automatically to new machines). Key policy areas that you must consider include database purging and the management of free disk space.
Note: These issues are fully described in the Deployment guide; see chapter 3, Before you start using CA DLP.
You need to ensure that all CA DLP machines are running the current versions of the software and that their individual machine policies are appropriate for your network environment. For example, you will need to ensure that replication, database purging and free disk space settings have sensible values. To optimize data flows across your network, you may also need to occasionally reorganize the allocation of client machines to each gateway.
You also need to consider data security. This covers encryption, database backups, and database purging.
All user data captured by CA DLP (Web pages, e-mails and so on) is replicated across your network and stored on the CMS. You must ensure that these data transfers and the stored data itself are secure. You can do this by configuring the machine policy to encrypt this data.
We recommend that you make a full backup of your CA DLP database on the CMS at least once per week, and incremental backups on a daily basis.
We also strongly recommend that you turn database purging on in both the common gateway and common client policies to prevent free disk space falling to dangerously low levels on your CA DLP machines with the attendant risk of the infrastructure being suspended.
Note: On a suspended client machine, control triggers and actions continue to operate but the resulting control events are not saved. For example, you cannot search for blockings that occurred while a client machine was suspended.
|
Copyright © 2012 CA.
All rights reserved.
|
|