search cancel

How to apply and verify new Endpoint policies in DLP.

book

Article ID: 174507

calendar_today

Updated On:

Products

Data Loss Prevention Endpoint Prevent

Issue/Introduction

Symantec Data Loss Prevention (DLP) Endpoint Prevent

A DLP Administrator wants to apply and verify Endpoint Prevent policies.

Environment

  • 14.0
  • 14.5
  • 14.6
  • 15.0
  • 15.1
  • 15.5

Resolution

How to apply and verify Endpoint Prevent policies.

  1. Create a Policy Group to apply to your Endpoint Prevent servers
    1. Navigate to System > Servers and Detectors > Policy Groups
    2. Click Add
    3. Provide a name and description for this group
    4. Select the Endpoint Server(s) to apply this policy group to
  2. Create a Policy to join the Endpoint Policy Group
    1. Navigate to Manage > Policies > Policy List
    2. Click “New” to generate a new policy or “Import” to import an existing policy
    3. After you enter a Name, Description, and Policy Label, click the drop-down menu for Policy Group and select the newly created Endpoint Policy group
    4. After configuring the policy click Save
  3. Confirm your Endpoint Server(s) loaded the Policy Group and Policy
    1. Navigate to System > Servers and Detectors > Overview
    2. Click on an Endpoint Server
    3. In the Configuration box verify your new Policy Group
    4. In All Recent Events, verify that the new policy was loaded
  4. Confirm that an endpoint agent received the new policy
    1. On the endpoint navigate to C:\Program Files\Manufacturer\Endpoint Agent\ps.ead
    2. The timestamp of this file is updated when a new policy is received