DLP Agent on Ghost Image not recommended
search cancel

DLP Agent on Ghost Image not recommended


Article ID: 184215


Updated On:


Data Loss Prevention Endpoint Prevent Data Loss Prevention Endpoint Discover


Due to security concerns, it is recommended to not install the DLP Agent on a ghost image.


The DLP Agent installer generates machine specific encryption keys during installation.  In the case of ghost images, all the deployed images will share the same keys.  This is a concern from a security perspective.

The agent will initially have the same hostname, which will cause issues with connectivity.  More than one agent with the same hostname will cause the agent to not stay connected with the server.


Also, all the agents will use the same Endpoint Server.  This can be changed after the fact, but it might overwhelm the server if too many agents are connecting to the same server.


As a part of the workstation deployment, leverage a post-provisioning task to install the agent AFTER the workstation has booted for the first time.