System monitoring best practices for Network Prevent
Article ID: 159637
Updated On: 01-19-2022
Products
Data Loss Prevention Network Prevent for Email, Data Loss Prevention Enforce, Data Loss Prevention
Issue/Introduction
Best Practices for System Monitoring with Symantec DLP Network Prevent.
Resolution
System Monitoring Best Practices - Prevent
The options below summarize recommended methods for monitoring the health and availability of your Symantec DLP Network Prevent system. Note that this document is supplementary to the System Maintenance and Admin guides.
Objective: Verify availability of and connectivity to the Network Prevent Server.
Best Practice:
Periodic pings to the Network Prevent servers from the MTA
Periodic pings to the Network Prevent servers from the Enforce server
Periodic checks to ensure that the Vontu Monitor service is running

Objective: Verify basic functionality of Prevent Server.
Best Practice: Create a synthetic transaction that runs periodically and sends a non-violating email through Prevent. Verify that the email is received.

Objective: Verify advanced functionality of Prevent Server.
Best Practice: Create a synthetic transaction that runs periodically and sends an email that violates a policy that blocks the message. Verify that the email does not get sent and that a bounce notification gets returned to the sender.

Objective: Capture critical system events via email alerts.
Best Practice: Set up event alerts to notify system administrators of potential issues. Alerts can be configured to trigger under multiple conditions. In some cases, an alert should be configured solely on an event because it reflects a system-wide issue. For other alerts that are Prevent-specific, you should add a condition that the relevant server is one of your Prevent servers. For instructions on setting up event alerts, refer to the Admin Guide for your version. For more information on general system maintenance and diagnosis, refer to the System Maintenance Guide.
System-wide alert conditions:
Event summary contains Low disk space
Event summary contains License about to expire
Event summary contains Tablespace is almost full
Event summary contains not responding
Event summary contains Monitor status updater exception
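
The two synthetic transactions described under basic and advanced functionality can be scripted as one probe. The following is an added example, not part of the original article or of Symantec DLP. It assumes hypothetical hosts and mailboxes, an MTA that accepts unauthenticated relay from the probe host, a dedicated test policy that blocks on the constructed marker string, and a bounce that quotes the original message.

```python
import imaplib, smtplib, time, uuid
from email.message import EmailMessage

# Hosts, addresses and the marker are assumptions for illustration only.
MTA_HOST = "mta.example.test"        # MTA that routes mail through Network Prevent
IMAP_HOST = "imap.example.test"      # mailbox server for both probe accounts
SENDER = "dlp-probe@example.test"    # mailbox that should receive the bounce
RECIPIENT = "dlp-sink@example.test"  # mailbox that should receive clean mail
TEST_MARKER = "DLP-SYNTHETIC-BLOCK-TEST"  # matched only by a dedicated test policy

def build_probe(violating):
    """Return (token, message); the unique token identifies this run's mail."""
    token = uuid.uuid4().hex
    msg = EmailMessage()
    msg["From"], msg["To"] = SENDER, RECIPIENT
    msg["Subject"] = f"prevent-probe {token}"
    msg.set_content(TEST_MARKER if violating else "Routine health check.")
    return token, msg

def evaluate(violating, delivered, bounced):
    """Turn the observed outcome into a verdict for the basic/advanced check."""
    if violating:
        if delivered:
            return "FAIL: violating message was delivered (not blocked)"
        return "OK" if bounced else "FAIL: no bounce returned to sender"
    return "OK" if delivered else "FAIL: non-violating message not received"

def mailbox_has(user, password, token):
    """True if any message in the user's INBOX contains the token."""
    with imaplib.IMAP4_SSL(IMAP_HOST) as imap:
        imap.login(user, password)
        imap.select("INBOX", readonly=True)
        _, data = imap.search(None, "TEXT", token)  # headers or body
        return bool(data[0].split())

def run_probe(violating, sink_pw, sender_pw, wait=60):
    """Send one probe through the MTA, wait, then check both mailboxes."""
    token, msg = build_probe(violating)
    try:
        with smtplib.SMTP(MTA_HOST, 25, timeout=30) as smtp:
            smtp.send_message(msg)
    except OSError as exc:  # also covers smtplib.SMTPException
        return f"FAIL: MTA did not accept the probe ({exc})"
    time.sleep(wait)  # allow time for delivery or bounce generation
    delivered = mailbox_has(RECIPIENT, sink_pw, token)
    bounced = mailbox_has(SENDER, sender_pw, token)
    return evaluate(violating, delivered, bounced)
```

Schedule `run_probe(False, ...)` and `run_probe(True, ...)` separately and alert on any result other than `OK`.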