What happens to DLP Network Prevent for Email if the SMG server goes down


Article ID: 184560


Updated On:


Data Loss Prevention Network Prevent for Email


Symantec Data Loss Prevention (DLP)
Symantec Messaging Gateway (SMG)

Customer needs to plan for disaster recovery.


Test a disaster scenario if the SMG server is shutdown.


DLP 15.5 and WIndows server 2012 R2 


DLP NP for mail can be configured to bypass:
By default, outbound email bypasses Data Loss Prevention Network Prevent if all Data Loss Prevention Network Prevent servers are unavailable. Read SMG Admin guide
If SMG goes down, no email filtering will happen, email in the Queue will be kept there.
NP for mail doesn't depend on SMG for functioning, and it will inspect any email from any source that is configured. However, if no email is received, it just doesn't process anything. Obviously if email is coming in for inspection and it requires a remediation rule from SMG, such as Quarantine, it won't happen. Email will continue going out if MX lookup is enabled/disabled in Next Hop Configuration, and any other host/domain is available. 

Email team can assist with configuration: Email servers/MTAs can be configured for failures of downstream servers.

For more information consult our implementation guides located here https://help.symantec.com/cs/dlp15.0/DLP/id-SF0B0152826_v120691346/Implementing-Network-Prevent-for-Email?locale=EN_US