Cannot edit or disable the All Discover Servers

book

Article ID: 160259

calendar_today

Updated On:

Products

Data Loss Prevention Enforce Data Loss Prevention Network Discover Data Loss Prevention Endpoint Discover

Issue/Introduction

In Symantec Data Loss Prevention (DLP), you cannot edit or disable the "All Discover Servers" entry. It is not configurable in the Policy Groups.

Resolution

This is working as designed. You cannot configure "All Discover Servers" because DLP automatically assigns all policy groups to all Network Discover Servers. This feature lets you assign policy groups to individual Discover targets.

Policies for Discover servers only get loaded when you run a scan. The only policies loaded are those which belong to the policy groups selected in the Discover Target configuration. After a scan completes, the policies are unloaded.

In the policy group configuration, the checkmark for "All Discover Servers" means that this policy group is available for Discover Targets. If you do not want to use a specific policy during the Discover scan, configure the Discover Targets setting.