Remote SQL Server machines

The choice of whether to use a local or remote Microsoft SQL Server database is made during installation, when Forcepoint DLP components are installed on the management server machine.

If a remote database is selected, administrators have the option to enable Forcepoint DLP archiving. (Archiving is automatically enabled when a local database is used.)

When incidents are archived, they are initially stored in a temporary folder. For a remote SQL Server database, this folder is defined during Forcepoint DLP installation. Both the database and the management server must have access to the temporary folder.

If the temporary folder is not defined during Forcepoint DLP installation, it is not possible to archive incidents. Attempts to manually archive partitions cause the Forcepoint Security Manager to display a warning that archive settings have not been fully configured, so archiving won’t work. Automatic archiving fails and sends a message to syslog.

If you receive an archiving warning or error message, modify your installation as follows to enable archiving:

Steps

  1. Launch the Forcepoint Security Installer on the management server.
  2. Next to Forcepoint DLP, select Modify.
  3. Click Next until you reach the Temporary File Location page.
  4. Select Enable incident archiving and backup.
  5. Enter the local or network path to the temporary folder to use during incident archiving.
    • The folder must already exist.
    • Both SQL Server and the management server must be able to access the temporary folder.
  6. Enter the UNC path that the management server should use to access the temporary folder.
  7. Provide network credentials with read/write permissions to the temporary folder.
  8. Complete the installation wizard.
  9. Open the Data Security module of the Security Manager and click Deploy.

Next steps

Note that you only configure the temporary archive folder in the installer. To configure the final location of the archive, use the Settings > General > Archive Storage page in the Data Security module of the Security Manager.