ONTAP Discussions

Data Loss Prevention Discover Software

paeddy

Hi

Does anybody have experience with how to allow an external DLP software (McAfee) to have sight of all NAS shares, which also requests "modify rights" on them?

Kind Regards

Adrian 

2 REPLIES

Mjizzini

Have you tried running the service under a domain admin user?

Make sure the user is a part of the local admin group.

paeddy

Hi Mjizzini

Thank you for your answer.

I created a separate group like the builtin/administrators group with only the "SeTcbPrivilege" and shared the "/" as read-only. This seems to work, but I don't know if this is the right way to give access to a DLP application, because a solution like that is bypassing all security settings set on shares (cifs) and exports (nfs). As soon as the DLP application requests modify rights I need to really think about that again.

We do not have "a general group" on all our shares where I could simply put the DLP user into that group and access would be granted, and we do host millions of files.

 

Some more questions are:

Why does the DLP application ask for modify rights? I cannot imagine what will happen when the DLP client system catches malware or performs wrong functions.

There are also aspects of auditing and performance.

I am really wondering how other NAS administrators handle DLP.

 

https://kb.netapp.com/Advice_and_Troubleshooting/Data_Storage_Software/ONTAP_OS/NTFS_permissions_on_a_CIFS_share_are_not_taking_effect_on_a_specific_u...

 

kind regards

Adrian
