Data Insight Feature Briefing Box Cloud Storage Support

Similar documents
Secondary operation windows in SLPs

Clearwell ediscovery Platform Feature Briefing

Technical Brief Veritas Technical Education Services

QUICK START: VERITAS STORAGE FOUNDATION BASIC FOR AMAZON EC2

Enterprise Vault.cloud Feature Briefing

QUICK START: SYMANTEC ENDPOINT PROTECTION FOR AMAZON EC2

NetBackup for vcloud Director

Oracle Intelligent Policy

Plug-in for VMware vcenter

Enterprise Vault Whitepaper

Enterprise Vault Best Practices

Technical Brief Enterprise Vault Privileged Delete

Technical Brief Veritas Technical Education Services

Administration of Symantec Messaging Gateway 10.5 Study Guide

Administration of Symantec Data Loss Prevention 10.5 Study Guide

W H I T E P A P E R : T E C H N I C A L. Enterprise Vault 8.0 Security Model for Microsoft SharePoint Archiving

Partner Information. Integration Overview. Remote Access Integration Architecture

Enterprise Vault 12 Feature Briefing Classification

NetBackup Collection Quick Start Guide

Three Steps to Protect Your Virtual Systems

VeriSign Managed PKI for SSL and Symantec Protection Center Integration Guide

ProteggereiDatiAziendalion-premises e nel cloud

Technical Brief Enterprise Vault SMTP Enhancements

Customer Online Support Demonstration. 1

Symantec VIP Quick Start Guide. Enabling Help Desk. Version 1.0. Author Travis Harmon Symantec. All rights reserved.

Protecting Microsoft SharePoint

Centrify for Dropbox Deployment Guide

W H I T E P A P E R : T E C H N I C AL. Symantec High Availability Solution for Oracle Enterprise Manager Grid Control 11g and Cloud Control 12c

Partner Information. Integration Overview Authentication Methods Supported

Veritas NetBackup and Oracle Cloud Infrastructure Object Storage ORACLE HOW TO GUIDE FEBRUARY 2018

Enterprise Vault.cloud Archive Migrator Guide. Archive Migrator versions 1.2 and 1.3

Symantec Network Access Control Starter Edition

Technical Brief Veritas Technical Education Services

Service Description VMware Workspace ONE

Enterprise Vault Whitepaper Enterprise Vault Integration with Veritas Products

Remote Expert Installation Service for Symantec Mail Security 8300

Migration Best Practices for Oracle Access Manager 10gR3 deployments O R A C L E W H I T E P A P E R M A R C H 2015

Enterprise Vault Overview Nedeljko Štefančić

: Administration of Symantec Endpoint Protection 14 Exam

Veritas Provisioning Manager

IT Analytics 7.1 for Altiris IT Management Suite from Symantec

Symantec Workflow 7.1 MP1 Release Notes

Symantec Managed PKI. Integration Guide for AirWatch MDM Solution

Enterprise Vault 8.0 Security Model for Lotus Domino Archiving. Rob Forgione Technical Field Enablement March 2009

Administration of Altiris Client Management Suite 7.0 Study Guide

Administration of Symantec Enterprise Vault 9.0 for Exchange Study Guide

Symantec Network Access Control Starter Edition

Symantec Network Access Control Starter Edition

Data Sheet: Endpoint Security Symantec Network Access Control Starter Edition Simplified endpoint enforcement

Web Security Service. Near Real-Time Log Sync Solution Brief. Version /OCT

Technical White Paper Information Map. Taking Action on Information Map Insights

Inside Symantec O 3. Sergi Isasi. Senior Manager, Product Management. SR B30 - Inside Symantec O3 1

Symantec ServiceDesk 7.1 SP1 Implementation Guide

PKI is Alive and Well: The Symantec Managed PKI Service

Symantec Validation and ID Protection. VIP Credential Development Kit Release Notes. Version May 2017

Integration Guide. SafeNet Authentication Service. Protecting SugarCRM with SAS

Symantec Ghost Solution Suite Web Console - Getting Started Guide

1.0. Quest Enterprise Reporter Discovery Manager USER GUIDE

Office 365 Best Practices: Protocols

Data safety for digital business. Veritas Backup Exec WHITE PAPER. One solution for hybrid, physical, and virtual environments.

Red Hat Cloud Infrastructure 1.1

Loading User Update Requests Using HCM Data Loader

SAP Global Track and Trace Onboarding Guide

Microsoft Active Directory Plug-in User s Guide Release

Integration Guide. SafeNet Authentication Manager. Using SAM as an Identity Provider for SonicWALL Secure Remote Access

Data Sheet: High Availability Veritas Cluster Server from Symantec Reduce Application Downtime

Evaluation Program for Symantec Mail Security Appliances

Veritas Data Insight Software Compatibility List 6.1.1

Bomgar PA Integration with ServiceNow

Symantec Secure One Services Program Brief

Enterprise Vault 11 Whitepaper Deploying IMAP Access to Enterprise Vault

Symantec Validation and ID Protection. VIP Credential Development Kit Release Notes. Version January 2017

Altiris Software Management Solution 7.1 from Symantec User Guide

Symantec Patch Management Solution for Windows 8.5 powered by Altiris technology User Guide

NetBackup Self Service Release Notes

Protecting Hyper-V Environments

Securing Office 365 with Symantec

Application Note: Veritas High Availability solution for DLP Enforce Server. Windows

BLACKBERRY SPARK COMMUNICATIONS PLATFORM. Getting Started Workbook

Symantec Desktop and Laptop Option 8.0 SP2. Symantec Desktop Agent for Mac. Getting Started Guide

Veritas Data Insight 6.1 Software Compatibility List 6.1

Increase user productivity and security by integrating identity management and enterprise single sign-on solutions.

Enterprise Vault 12.4 OData Reporting for Auditing

Microsoft Security Management

Administration of Symantec Cyber Security Services (July 2015) Sample Exam

Symantec Data Center Transformation

Setting Up Resources in VMware Identity Manager. VMware Identity Manager 2.8

Administration of Veritas Cluster Server 6.0 for UNIX Study Guide

Lookout Mobile Endpoint Security. AirWatch Connector Guide

XIA Configuration Server

CA GovernanceMinder. CA IdentityMinder Integration Guide

Setting Up Resources in VMware Identity Manager (On Premises) Modified on 30 AUG 2017 VMware AirWatch 9.1.1

Red Hat Cloud Suite 1.1

Enterprise Vault.cloud CloudLink Google Account Synchronization Guide. CloudLink to 4.0.3

Creating a FileShare Cluster using Storage Foundation 5.1 for Windows Service Pack 2 Jay Jameson

Akana API Platform: Upgrade Guide

by Cisco Intercloud Fabric and the Cisco

SafeNet Authentication Manager. Integration Guide. Using SAM as an Identity Provider for Dropbox

Administration of Symantec Cluster Server 6.1 for UNIX Study Guide

Integrate Salesforce. EventTracker v8.x and above

Transcription:

Data Insight Feature Briefing Box Cloud Storage Support This document is about the new Box Cloud Storage Support feature in Symantec Data Insight 5.0. If you have any feedback or questions about this document please email them to IIG-TFE@symatec.com stating the document title. Copyright 2015 Symantec Corporation. All rights reserved. Veritas and the Veritas Logo are trademarks or registered trademarks of Symantec Corporation or its affiliates in the U.S. and other countries. Other names may be trademarks of their respective owners. This document is provided for informational purposes only and is not intended as advertising. All warranties relating to the information in this document, either express or implied, are disclaimed to the maximum extent allowed by law. The information in this document is subject to change without notice.

Feature Description Symantec Data Insight (DI) 5.0 now includes support for Box Cloud Storage. DI monitors the data stored on Box to provide access, ownership and permissions information. DI will scan Box accounts on a scheduled basis or on an ad-hoc basis as needed. DI will be able to provide protection on sensitive data and provide management of data stored on Box. Business Value Adding support for Box further expands DI s capabilities. Customers can now gather important information on Box files such as data ownership, data access, and auditing as well as provide remediation workflow support. Since its inception, DI continues to add support for various storage platforms. Monitoring files from Box enhances the benefits of DI by improving its intelligence of Box s cloud storage. This allows DI administrators to gain insight into access and ownership information of files stored on Box. Monitor Box files with DI to: Discover unstructured Box file data using metadata, age, usage, and ownership to inform data lifecycle management, compliance and risk reduction initiatives Identify data owners and engage through a Self-service Portal to facilitate access control, data management and information security remediation efforts Enhance information protection with Symantec Data Loss Prevention integration Page 1

Underlying Principles Box uses the Open Authorization 2 (OAuth2) protocol to permit DI access. DI leverages the Box Enterprise administrator credentials to gain access to the Box administrator account. This allows DI to gather information about all configured users and the activities each has performed. The administrator credentials authorize DI to access the Box Enterprise account. The authorization received from Box is saved as a named credential in the DI configuration. With the integration of Box, Data Insight s capabilities remain generally the same, with a few differences for Box storage: Permissions Reporting continues to function for non-cloud-based file shares. For cloud shares, DI cannot obtain detailed information of the permission assigned to various users, files and folders. Entitlement Review Reports provide information as to who has permissions on a folder or file in Box. Although the report summarizes entitlements, the Self-service Portal does not allow users to perform any entitlement activities on Box shares. The only portal activity allowed on Box shares is for incident remediation. Incident remediation actions remain the same. Prerequisites To monitor files located on Box, DI requires the following prerequisites are met: The organization must have: o An Enterprise Box account o Valid Box Enterprise administrator credentials to synchronize Box and DI (Box co-admin credentials are not sufficient) Ensure Box accounts are provisioned using Active Directory identities Data Insight must be installed and configured Configuration During the configuration process, the DI administrator configures Box settings in the DI interface in the Settings > Cloud Services section. The DI administrator identifies the Collector and Indexer worker nodes used for collecting and indexing the Box data. It is important to select these correctly as they impact DI performance during the scanning and indexing process. Selecting the wrong worker nodes can slow scanning times and overwork the indexers. Page 2

Configuration also requires authorizing DI to access the Box account to scan files located on Box using the administrative username and password of an Enterprise Box account. These credentials are verified and authorized directly from DI on the authorization screen using Authorize button on the setting screen (Figure 1). Authentication Figure 1 Box Authorization Screen DI monitors files by authenticating to the customer s Enterprise Box application using the OAuth2 protocol. Leveraging the OAuth2 protocol for authentication, DI saves a single OAuth2 token in the DI database. This token allows administrators to share their login credentials between DI and Box, which creates a connection between the two. When authentication from DI to Box is confirmed and a connection is established, DI services check the files on Box and record metadata information for each of the files. Scanning Scanning occurs on a scheduled basis. During the Box to DI configuration, the DI administrator defines a scanning schedule for shares of the Box account. The DI administrator chooses one of the following: Page 3

Use Collector s default scanning schedule Use custom schedule DI periodically scans the Box account to obtain file metadata. Each Collector worker node, by default, initiates a full scan of shares on the last Friday of each month at 7:00 P.M. (19:00). With Box accounts, incremental scans are not available. Administrators can override the schedule anytime using the Scan action from the Cloud Sources list of the configured Box account (Figure 2). Indexing Figure 2 Scanning a Box account Unlike other shares, file metadata related to Box shares record actions differently. Since files are downloaded for editing, and then uploaded again when complete, DI translates these actions into usable metadata as outlined in the following table: Term Read Write Share owner File owner DI definition Files downloaded from Box Files uploaded to the Box share User who created the shared folder in Box User who uploaded the original file Page 4

Guided Tour Add Box Account to Data Insight Before Box folder and file scanning can take place, an Enterprise Box account must be synchronized with DI. An Enterprise account is required as it is the only Box account that can obtain information via the API that connects DI and Box. This can be configured in the DI interface Settings > Cloud Services section (Figure 3). The administrator can either use the existing Collector and Indexer configured during the installation or select one from the Connection Details options. Figure 3 Adding Box Account to Data Insight To authorize access between DI and Box, the Box administrator credentials are used to secure a login. DI uses these credentials to retrieve metadata on shares and files in Box. Audit Events There are no additional configuration requirements for capturing audit events. Any user activities performed on Box shares appear in the raw audit files under the folder <DI_DATA_DIR>/outbox. The files are eventually consumed and indexed and the events display in the Data Insight console. Page 5

Scanning Box Accounts By default, Box performs a full scan according to the scan schedule configured in DI no incremental scans are available for Box. The scan schedule has an override on the Settings tab in the Cloud Sources section (Figure 4). Administrators can also view: Scan History Scan Errors Figure 4 Scanning Box Accounts Page 6

Licensing and support considerations To scan Box shares, customers must purchase an additional license for Box scanning with Symantec Data Insight. Customers will only be able to scan Box folders and files with the purchase of this license. Users Box accounts should be provisioned against the users email addresses in Active Directory. This ensures Symantec Data Insight matches the correct identity in Box. Symantec Data Insight scan of Box shares has the following limitations: Additional licensing is required for Symantec Data Insight to scan Box shares. Only one Enterprise Box account can be configured to Data Insight at a time. Portal activities are available for Box shares, except for incident remediation activities. The following options are not available on Box shares: o Permissions reporting o Entitlement review Page 7

About Symantec: Symantec is a global leader in providing security, storage, and systems management solutions to help consumers and organizations secure and manage their information-driven world. Our software and services protect against more risks at more points, more completely and efficiently, enabling confidence wherever information is used or stored. Headquartered in Mountain View, Calif., Symantec has operations in 40 countries. More information is available at www.symantec.com. For specific country offices and contact numbers, please visit our Web site: www.symantec.com Symantec Corporation World Headquarters 350 Ellis Street Mountain View, CA 94043 USA +1 (650) 527 8000 +1 (800) 721 3934 Copyright 2015 Symantec Corporation. All rights reserved. Veritas and the Veritas Logo are trademarks or registered trademarks of Symantec Corporation or its affiliates in the U.S. and other countries. Other names may be trademarks of their respective owners. This document is provided for informational purposes only and is not intended as advertising. All warranties relating to the information in this document, either express or implied, are disclaimed to the maximum extent allowed by law. The information in this document is subject to change without notice.

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback