Configure the
Symantec Data Loss Prevention
Cloud Service for Disaster Recovery

The following table lists recommendations for configuring the
Symantec Data Loss Prevention
cloud service for high availability and disaster recovery.
Best practices for configuring
Symantec Data Loss Prevention
cloud service
Best practice
More information
Clone the Enforce Server.
Record the Enforce Server UUID (also identified as the
EnforceID
and
UUID
).
The UUID is the randomly generated GUID. You restore the UUID from the previous system to restore a new system. If the UUID does not match, then you must re-enroll each of the CDS bundles that you have.
See article 258252 for additional information.
Synchronize and back up the cryptography certificates in
enforce_keystore.jks
.
The file is located at one of the following locations, depending on your platform:
  • Windows:
    C:\ProgramData\Symantec\DataLossPrevention\EnforceServer\<DLP Version>\keystore\
  • Linux:
    /var/Symantec/DataLossPrevention/EnforceServer/<DLP Version>/keystore/
This file contains one or more cloud certificates for communication with one or more Cloud Detection Services (CDS). If you do not have the
jks
file, then you can obtain another enrollment bundle from the Cloud Management Portal (CMP). Use the bundle to connect back up to the CDS. If you have more than one CDS, they will all be reconnected after applying the first bundle.