This document is posted to help you gain knowledge. Please leave a comment to let me know what you think about it! Share it to your friends and learn new things together.
Transcript
This document is provided for informational purposes only. All warranties relating to the information
in this document, either express or implied, are disclaimed to the maximum extent allowed by law.
With the use of the Firewall and other measures worms should not be able to infect the network.
Open Ports / Protocols / Encryption Standards
This is list of ports to manipulate when provisioning an internet-facing or firewalled secured instance of
the Symantec eDiscovery Platform. Be aware that not all ports are required to stay open after a specific
port-related task(s) is complete, for example, Windows activation using port 53
Port Protocol Description Optional Misc.
22 TCP SSH, SCP/SFTP Y
25 TCP SMTP Y
53 TCP/UDP DNS Y
80 TCP HTTP
443 TCP HTTPS
3389 TCP Microsoft RDP Y
21 ftp
626 Ldap-s Y
88 kerberos Y
123 ntp
389 LDAP Y
135-139
Required by NETBIOS that enables various network related communications: Microsoft fi le sharing SMB: User Datagram Protocol (UDP) ports and Transmission Control Protocol (TCP) ports Used for File Share Collection & Desktp Collection. Must be Bi -Directional.
3306 Used by MySQL to enable remote database access. Must be used with a Symantec eDiscovery Platform cluster or if a separate MySQL server is being used
445 For File Share and PC Collections we use the SMB or CIFS protocol, which uses TCP port 445
Required for fi le sharing and needed to allow sharing fi les across a network. Must be Bi-Directional.
application port for inter-appliance communication
135 Used by various windows critical services including the Firewall Service. Symantec eDiscovery Platform util izes the native Windows Firewall on the appliance to "harden" the Symantec eDiscovery Platform.
Table 1
Auditing & reporting
Symantec eDiscovery Platform provides a number of logs and auditing services within the User Interface
(UI) as well as locally on the appliance. If necessary, these logs are able to be compressed and retained
according to local retention and preservation policies.
The jobs are listed by name (see below) with the corresponding data and time appended in the name for
ease of use and troubleshooting.
The location of the logs on the local appliance is:
D:\CW\Vx.x\Logs (Vx.x denotes the latest installed version of the Symantec eDiscovery Platform
– if the deployed is version 7.1.4 the path would be D:\CW\V714\Logs)
o Access Logs
Provides information on application access times on login.
o Catalina Logs
Provides information on the Apache Tomcat webserver jobs as well as any
errors for ease in troubleshooting
o Server Logs
Provides information on server related tasks and errors for ease in
troubleshooting
o Jobs Logs
o Crawler\Retriever
These log files are related to collections tasks within the collections module and
rendering tasks in the review module. These are listed by specific name such as
Allow redacting Prompt for reason code Allow tag history viewing Allow tag history searching Allow exporting Allow printing Allow native download Allow caching for review Allow searching and fi ltering by processing flags Case Administration Rights All case admin rights System Administrative Settings
Case Manager
Manager-level access to one or more cases (includes case admin capabilities (except source setup rights) plus all case user rights)
General Rights Allow integrated analytics access Allow analysis tags dashboard access Allow access to management charts Allow reports access Allow mobile access Collection Rights Legal Holds Rights Allow Legal Hold access Legal Hold management Document Access Rights Allow viewing Allow tagging Allow move or removing from folders Allow bulk tagging Allow smart tagging Allow viewing of prediction ranks Allow predictive coding actions Allow access to tag event comments Allow access to item notes Allow redacting Prompt for reason code Allow tag history viewing Allow tag history searching Allow exporting Allow printing Allow native download Allow caching for review
Allow searching and fi ltering by processing flags Case Administration Rights Allow case status access Allow user management Allow activity report access Allow group and topic management Allow tag definition Allow folder setup Allow folder check-out management Allow production folder management Allow custodian management Allow participant management View exceptions Manage exceptions Allow OCR processing Other case management functions (e.g. jobs, batches, etc.) Access to all other case management functions not otherwise specified. This includes: batches, jobs, logs, and schedules. System Administrative Settings
Case User Search, tagging, and print dashboard rights to one or more cases
General Rights Allow analysis tags dashboard access Allow access to management charts Collection Rights Legal Holds Rights Document Access Rights Allow viewing Allow tagging Allow move or removing from folders Allow bulk tagging Allow viewing of prediction ranks Allow predictive coding actions Allow access to tag event comments Allow access to item notes Allow redacting Prompt for reason code Allow tag history viewing Allow tag history searching Allow printing Allow native download Allow caching for review Allow searching and fi ltering by processing flags
Case Administration Rights No case admin rights System Administrative Settings
Collection Admin
Administrator-level collection set management
General Rights Allow integrated analytics access Allow reports access
Allow mobile access Collection Rights Allow collections access Data map management Collections management Collection sets management Legal Holds Rights Document Access Rights Case Administration Rights No case admin rights System Administrative Settings Allow Case Home and All Cases Dashboard Access
eDiscovery Admin
Administrator-level access to one or more cases as well as well as collection set management and integrated analytics
General Rights Allow integrated analytics access Allow analysis tags dashboard access Allow access to management charts Allow reports access Allow mobile access Collection Rights Allow collections access Data map management Collections management Collection sets management Legal Holds Rights Allow Legal Hold access Legal Hold management Document Access Rights Allow viewing Allow tagging Allow move or removing from folders Allow bulk tagging
Allow smart tagging Allow viewing of prediction ranks Allow predictive coding actions Allow access to tag event comments Allow access to item notes Allow redacting Prompt for reason code Allow tag history viewing Allow tag history searching Allow exporting Allow printing Allow native download Allow caching for review Allow searching and fi ltering by processing flags Case Administration Rights All case admin rights System Administrative Settings Allow Case Home and All Cases Dashboard Access
Legal Hold Admin
Administrator-level legal hold management
General Rights Allow integrated analytics access Allow mobile access Collection Rights Legal Holds Rights Allow Legal Hold access Legal Hold management Document Access Rights Case Administration Rights No case admin rights System Administrative Settings Allow Case Home and All Cases Dashboard Access
System Manager
Unrestricted rights to manage entire Symantec eDiscovery Platform system, including administrator-level access to all cases
General Rights Allow integrated analytics access Allow analysis tags dashboard access Allow access to management charts Allow reports access Allow mobile access Collection Rights Allow collections access Data map management Collections management Collection sets management Legal Holds Rights
Allow Legal Hold access Legal Hold management Document Access Rights Allow viewing Allow tagging Allow move or removing from folders Allow bulk tagging Allow smart tagging Allow viewing of prediction ranks Allow predictive coding actions Allow access to tag event comments Allow access to item notes Allow redacting Prompt for reason code Allow tag history viewing Allow tag history searching Allow exporting Allow printing Allow native download Allow caching for review Allow searching and fi ltering by processing flags Case Administration Rights All case admin rights System Administrative Settings Allow Case Home and All Cases Dashboard Access Allow system management Allow support access Allow new case creation, case backup, restore, deletion, template creation Allow collections and data map backup, restore Allow user management Allow admin user and role management
Table 3
About Symantec:
Symantec is a global leader in
providing security, storage, and systems management solutions to help consumers and organizations
secure and manage their information-driven world. Our software and services protect
against more risks at more points, more completely and efficiently, enabling confidence wherever information is used or stored.
Headquartered in Mountain View,
Calif., Symantec has operations in 40 countries. More information is available at www.symantec.com.