Configure Forcepoint DLP to scan NFS

Steps

  1. Log on to the Data Security module of the Security Manager.
  2. Create a data discovery policy. (See Creating a data discovery policy for instructions.)
  3. On the Main > Policy Managemen > Discovery Policies page, select Add network task > File System Task.
  4. On the General page, add a name and description for the discovery task and select the crawler hosted on the machine that also hosts the NFS client.
    This is the crawler that will perform the file system discovery.
  5. On the Networks page, click Advanced and add port 2049 to the existing list of scanned ports.
  6. On the Scanned Folders page, specify the shares to scan and the user name and password of the Windows user mapped to the UNIX account as follows:
    Note: Network discovery has a limit of 255 characters for the path and file name. Files contained in paths that have more than 255 characters are not scanned.
    1. Select the Shared Folders to scan:
      • Select Administrative shares to scan administrative share drives such as C$.
      • Select Shared folders to scan shared folders such as PublicDocs.
      • Select Specific folders to scan one or more specified folders, then enter one or more folder names. Use semi-colons to separate entries.
    2. Select the Method to use when scanning network shares: TCP or ICMP.
    3. Enter the User name and Password of the Windows user that was previously mapped to a UNIX account.
  7. Deploy your changes.
    For more information on the wizard for creating file system discovery tasks, see File System tasks.