The application is set-up on Windows 2008 SP2 server. Is it advisable to upgrade to SP3?
Hello Jatin,You can upgrade your DLP components to 9.6 SP3 on Windows 2008 SP2
Thank you for your response. Could you please share the requirements (CPU/memory.. etc) on the virtual machine to upgrade to SP3. Also, how much downtime do we expect during this upgrade?
Thanks and Regards
Shared Security Services – AS&M
P +61 4 6980 3396| E firstname.lastname@example.org
Level 5, 655 Collins Street, Melbourne VIC 3008
<http://www.nbn.com.au/>[cid:2A7730FD-888B-430F-A80B-19FF030ECB54]<http://www.facebook.com/nbnaustralia> <http://au.linkedin.com/company/nbn-co-limited> <http://www.twitter.com/nbn_australia> <http://www.youtube.com/nbnco> <http://www.nbn.com.au/blog> <https://nbncojobs.taleo.net/careersection/external/jobsearch.ftl?lang=en>
Notice to recipient: This e-mail is intended only to be read or used by the addressee. It is confidential and may contain information that is subject to legal professional privilege or protected by copyright. If you are not the addressee indicated in this message (or responsible for delivery of the message to that person), you may not copy or deliver this message to anyone, and you should destroy this message and kindly notify the sender by reply e-mail. Copyright, confidentiality and legal professional privilege are not waived or lost by reason of mistaken delivery to you. Emails to/from nbn co limited ABN 86 136 533 741 may undergo email filtering and virus scanning, including by third party contractors, however, nbn co limited does not guarantee that any email or any attachment is secure, error-free or free of viruses or other unwanted or unexpected inclusions. Any views expressed in this message are those of the individual sender, except where the sender specifically states them to be the views of nbn co limited.
PLEASE CONSIDER OUR ENVIRONMENT BEFORE PRINTING
Hi Jatin Gogia,
I'm a Technical Support Engineer that handles RSA DLP. I would need to double check with our developer team about the system requirements for 9.6.3 version. The only document that they provided so far was the released notes which you can see on the RSA Link website. I'm not sure though if we will still follow the hardware requirements on the 220.127.116.11 Support Matrix document which is so far the latest one as of the moment. I'll coordinate with the developer team and update this discussion.
For the downtime, it depends on the your environment, the number of servers you have and their performance. The following are the observed time when I upgraded my servers on my lab.
*EM Upgrade - around 15-20 minutes
*Root Endpoint Coordinator Upgrade - around 15-20 minutes
*Enterprise Coordinator - around 15-20 minutes
*Endpoint - around 20 minutes per endpoint. (Note: there is a new requirement for 9.6.3 endpoint to work which is to install 4.5.2 .Net Framework)
*Network Devices (Network Controller, ICAP, Sensor, Interceptor) - around 20 minutes per network device.
Note: The time frames observed where all seen under RSA DLP Lab which are all running on virtual machines and was setup on a small environment. This should give you an idea on how long the downtime will take.
Could you please also answer if we can upgrade directly from 18.104.22.168 to 9.6.3 or we would need to install the patch 1 and 2 on SP2 before upgrading to SP3?
As advised by our engineering team. Our customers can upgrade to 9.6.3 for those using
9.6-SP2 or greater. So to answer your question, you can directly upgrade to 9.6.3 since you are one 9.6.2. For the system requirement we only have 2 changes which is EM now runs JAVA 8 which is included on the installer. For endpoint, 9.6.3 requires .Net Framework 4.5.2 version. For the complete system requirement for DLP servers, you can still use the 22.214.171.124 support matrix. You can download that file under the RSA Link website under DLP, Documentation. Let me know if you have other questions.
“++Sambit, who would working with me on the upgrade”
Thanks a lot for your response. I would further like to know the following:
What RSA DLP SP3 brings w.r.t:
1. Feature Enhancement
2. Bug Fixes
3. Vulnerability Fixes over SP2
Hi jatin Gogia,
Please see information below.
What's NewThis section lists what’s new and changed in RSA DLP 9.6 SP3.Support for Windows 10 Operating SystemWith this release, the RSA DLP EndPoint and DLP Data Center are supported on Windows 10 Operating System.Support for Microsoft Office 2016With this release, RSA DLP supports Microsoft Office 2016.Support for Microsoft SQL 2014With this release, the RSA DLP supports Microsoft SQL 2014.Support for Microsoft .NET Framework 4.5.2With this release, the RSA DLP Endpoint supports Microsoft .NET Framework 4.5.2 or above.Support for Microsoft Edge Browser on Windows 10 Operating SystemWith this release, the RSA DLP EndPoint supports and monitors Microsoft Edge browser on Windows 10 OperatingSystem.
Security Fixes• Openssh security update. For information, see security advisory RHSA-2016:0466-1. The Openssh securityupdate (CVE-2015-5600, CVE-2016-3115) affects only the RSA DLP Network component.• Java is upgraded from version 7 to 8 to address multiple security issues.• Madshi library is upgraded from version 3.1.10 to 3.1.12 to address PAGE_EXECUTE_READWRITE issues.
DLP Endpoint• Endpoint fails to detect violation when a file is uploaded using HTTPS on Hotmail, Gmail, or Yahoo Mail.
Known IssuesNetwork Controller javax.net.ssl.SSLException unable to communicate with EMProblem: The Network Controller is unable to send event.zip to EM due to an error message seen on NetworkController messages.log file.Workaround: If Network Controller is unable to communicate with EM, do the following:1. Logon to Network Controller as a root user and execute the following commands:chmod o-r /usr/java/latest/lib/security/java_nonfips.securitychmod o-r /usr/java/latest/lib/security/java_fips.security2. Restart the Network Controller services.Username files are not populated on controllerProblem: Username files are not populated on Controller when Enterprise Manager is on Win 2012.Workaround: Install Enterprise Manager on Win 2008.Unable to capture violation during print functionality in the Microsoft Edge browserProblem: Unable to capture violation during print functionality in the Microsoft Edge browser.Workaround: None.
All the information below can be seen on 9.6.3 release notes which you can acquire by going to RSA DLP>Documentation.
Did you get a chance to check with the developer to find out the system requirements necessary to run DLP 9.6 SP3?
I was able to check with our developer team and was advised that we are still going to use the same system requirements that you can see on DLP support matrix. For the two cases you have mentioned, the recommendations for that is for NBN to at least use 9.6 SP2 P6 since there were a lot of fixes implemented on that version that could address your DLP concerns.
Thanks for the prompt response. Could you please confirm if RSA DLP is going EOL&S? If yes, what is the date?
Please see link below for details.
RSA announces End of Life (EOL) dates for RSA Data Loss Prevention Suite (DLP)
Could you please share the analysis done for case # New DLP case 00826194 and old DLP case 0072644 raised earlier with you guys.
Retrieving data ...