Use Server Virtualization for Detection Servers
As a best practice, configure the server virtualization to prevent over subscription. If over subscription occurs for host machines, DLP performance is degraded.
Whether you use dedicated or non-dedicated resources for the detection servers depends on several factors. Consider the following items when choosing resource allocation:
- Number of CPUs
- Amount of dedicated RAM
- Resource reservations for CPU cycles and RAM
The following table lists recommendations and best practices for configuring a virtualized detection server environment:
Recommendation | More information |
|---|---|
Clone virtual machines with DLP up and running. | Use the virtualization tools that are provided by your virtualization hosting solution. |
Clone the secondary detection server when the primary DLP services are not running. | To restore detection servers, you are not required to use a cloned version. You can install fresh detection servers without losing data. |
Use active and passive groups. | The number of groups depends on the organizational priority. The priority is based on how many passive servers the environment requires. |