About importing data from the Symantec Data Loss Prevention

The Symantec Data Loss Prevention (DLP) is a pre-integrated system available in the External Data Integration workspace. To import the incident data from DLP, you must create a data connection between your DLP deployment and CCS.
You must also enable and configure the DLP Web Services before you import the DLP incident data into CCS.
The user account that is configured for the connection must have the Reporting API Web Service access permission.
When you create the Symantec Data Loss Prevention data connection, you do the following:
  • Specify the address and the credentials that is used to contact the DLP Enforce Server.
    Use the following formats to specify the credentials:
    • <username>
    • <role name>\<username>
    • <username>:<domain name>
      For example,
      user1:mydomain
    • <role name>\<username>:<domain name>
      For example,
      role\user1:mydomain
  • Specify the DLP reports to collect incident data from.
  • Create a schedule for importing the incidents data.
  • Configure email notification to inform about the success and failure of the data import.
After you add a data connection, the new data connection appears under the Symantec Data Loss Prevention system in the External Data Integration workspace. A new external data integration job with the specified data connection name is created which imports the incidents data in CCS.