Symantec™ Data Loss

Prevention Supportability
Telemetry Guide

Version 15.0
Symantec™ Data Loss Prevention Supportability
Telemetry Guide
Documentation version: 15.0a

Legal Notice
Copyright © 2017 Symantec Corporation. All rights reserved.

Symantec, the Symantec Logo and the Checkmark Logo are trademarks or registered
trademarks of Symantec Corporation or its affiliates in the U.S. and other countries. Other
names may be trademarks of their respective owners.

This Symantec product may contain third party software for which Symantec is required to
provide attribution to the third party (“Third Party Programs”). Some of the Third Party Programs
are available under open source or free software licenses. The License Agreement
accompanying the Software does not alter any rights or obligations you may have under those
open source or free software licenses. Please see the Third Party Legal Notice Appendix to
this Documentation or TPIP ReadMe File accompanying this Symantec product for more
information on the Third Party Programs.

The product described in this document is distributed under licenses restricting its use, copying,
distribution, and decompilation/reverse engineering. No part of this document may be
reproduced in any form by any means without prior written authorization of Symantec
Corporation and its licensors, if any.

THE DOCUMENTATION IS PROVIDED "AS IS" AND ALL EXPRESS OR IMPLIED

CONDITIONS, REPRESENTATIONS AND WARRANTIES, INCLUDING ANY IMPLIED
WARRANTY OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE OR
NON-INFRINGEMENT, ARE DISCLAIMED, EXCEPT TO THE EXTENT THAT SUCH
DISCLAIMERS ARE HELD TO BE LEGALLY INVALID. SYMANTEC CORPORATION SHALL
NOT BE LIABLE FOR INCIDENTAL OR CONSEQUENTIAL DAMAGES IN CONNECTION
WITH THE FURNISHING, PERFORMANCE, OR USE OF THIS DOCUMENTATION. THE
INFORMATION CONTAINED IN THIS DOCUMENTATION IS SUBJECT TO CHANGE
WITHOUT NOTICE.

The Licensed Software and Documentation are deemed to be commercial computer software
as defined in FAR 12.212 and subject to restricted rights as defined in FAR Section 52.227-19
"Commercial Computer Software - Restricted Rights" and DFARS 227.7202, et seq.
"Commercial Computer Software and Commercial Computer Software Documentation," as
applicable, and any successor regulations, whether delivered by Symantec as on premises
or hosted services. Any use, modification, reproduction release, performance, display or
disclosure of the Licensed Software and Documentation by the U.S. Government shall be
solely in accordance with the terms of this Agreement.
Symantec Corporation
350 Ellis Street
Mountain View, CA 94043

http://www.symantec.com
About DLP Supportability
Telemetry
This document includes the following topics:

■ Introducing DLP Supportability Telemetry

■ Security of DLP Supportability Telemetry information

■ Information collected by DLP Supportability Telemetry

■ Automatically uploading DLP Supportability Telemetry information to Symantec

■ Managing DLP Supportability Telemetry

Introducing DLP Supportability Telemetry

The DLP Supportability Telemetry program helps Symantec improve the quality of
Symantec Data Loss Prevention. Participation in this program is entirely your choice,
and you can opt in or out of sharing this information at any time. Supportability
Telemetry collects information from your Symantec Data Loss Prevention installation
and sends it securely and anonymously to Symantec. The collected information
provides Symantec with a better understanding of how Symantec Data Loss
Prevention is used, which can greatly improve new product planning and
development. In addition, the collected information can help you troubleshoot
problems when you work with Symantec Support to resolve a support case.
The information that Symantec collects does not include details about potential or
actual data loss in your organization. Symantec collects no actual incident data or
other sensitive information, such as names of users. The information Symantec
collects pertains primarily to environment variables and factors that can affect
performance, such as version number, number of detection servers, or number of
endpoint agents. If you choose to participate in the DLP Supportability Telemetry
 About DLP Supportability Telemetry 5
Security of DLP Supportability Telemetry information

program, the collected information is automatically uploaded to a server at Symantec.

You can schedule both collection and data transmission on a daily, weekly, or
monthly basis.
For details about the information collected by DLP Supportability Telemetry, See
“Information collected by DLP Supportability Telemetry” on page 5.

Security of DLP Supportability Telemetry information

To ensure the security of your data, only Symantec Data Loss Prevention users
with Server Administrator privileges can configure and view DLP Supportability
Telemetry information. All DLP Supportability Telemetry information is encrypted
before transmission, and is sent to Symantec using HTTPS.

Information collected by DLP Supportability

Telemetry
DLP Supportability Telemetry automatically collects the following system information
and stores it as system information within your Symantec Data Loss Prevention
database.
■ Symantec products you have licensed.
■ Customer ID: Your customer ID is an automatically generated number that is
used to identify your collected DLP Supportability Telemetry data.
■ Currently installed version of the Enforce Server.
■ Total number of detection servers.
■ Endpoint agent versions and total number of agents for each version.
■ File types for which there are incidents.
■ Network Discover/Cloud Storage Discover target types, as well as scan and last
modified dates for those targets.
You can also provide the following information at your discretion:
■ Environment type: Specifies whether the data comes from a production or a test
environment.
■ Your company name. Your company name is anonymous by default.
This information is collected whether or not you choose to participate in the DLP
Supportability Telemetry program. Old DLP Supportability Telemetry information
is automatically deleted.
 About DLP Supportability Telemetry 6
Automatically uploading DLP Supportability Telemetry information to Symantec

At transmission time, your DLP Supportability Telemetry data is pulled from the
database and formatted as several .csv files within an encrypted archive called
telemetry_info.zip.

You can view your DLP Supportability Telemetry data at any time. See “Viewing
your DLP Supportability Telemetry information” on page 7.

Automatically uploading DLP Supportability Telemetry

information to Symantec
You can enable automatic upload of DLP Supportability Telemetry information from
your Enforce Server to Symantec during the installation or upgrade process by
selecting the box labeled Participate in the Supportability Telemetry program.
Your Enforce Server must have an Internet connection to transmit DLP Supportability
Telemetry information.
If you opted out of the program during installation or upgrade, you can enable
automatic upload from your Enforce Server administration console:
To enable automatic upload of your DLP Supportability Telemetry information
1 In the Enforce Server administration console, go to System > Settings >
Supportability Telemetry.
2 Click Configure. The Edit Supportability Telemetry page appears.
3 In the Telemetry Enforce Environment section, specify whether this is a
Production or Test environment.
4 In the Telemetry Information Upload section, check Participate in the
Supportability Telemetry Program.
5 Click Save.
To disable automatic upload of your DLP Supportability Telemetry information
1 In the Enforce Server administration console, go to System > Settings >
Supportability Telemetry.
2 Click Configure. The Edit Supportability Telemetry page appears.
3 In the Telemetry Information Upload section, clear the Auto Upload check
box.
4 Click Save.
 About DLP Supportability Telemetry 7
Managing DLP Supportability Telemetry

Managing DLP Supportability Telemetry

You can review your DLP Supportability Telemetry settings from the System >
Settings > Supportability Telemetry page on the Enforce Server administration
console.
For information about configuring DLP Supportability Telemetry options, see the
following topics:
See “Automatically uploading DLP Supportability Telemetry information to Symantec”
on page 6.
See “Scheduling automatic upload of your DLP Supportability Telemetry information”
on page 8.
See “Scheduling collection of your DLP Supportability Telemetry information”
on page 9.
See “Specifying the age of DLP Supportability Telemetry information to delete”
on page 9.
To view an unencrypted version of your DLP Supportability Telemetry information,
see the following topic:
See “Viewing your DLP Supportability Telemetry information” on page 7.

Viewing your DLP Supportability Telemetry information

Before you send any information about your deployment to Symantec, you can view
it by exporting an unencrypted version to a local .zip archive. This archive contains
your DLP Supportability Telemetry information in .csv format.
To view your DLP Supportability Telemetry information
1 In the Enforce Server administration console, go to System > Settings >
Supportability Telemetry.
2 Click View Info.
You can save the telemetry_info.zip file, or open it to view your DLP
Supportability Telemetry information immediately.
Within the telemetry_info.zip file you will find these .csv files:
■ timestamp_agents_installed.csv. This file contains information about the
number of agents you have installed, as well as the version number of those
agents.
■ timestamp_enforce_version.csv. This file contains information about the
version of Symantec Data Loss Prevention that you are currently running.
 About DLP Supportability Telemetry 8
Managing DLP Supportability Telemetry

■ timestamp_file_type.csv. This file contains information about the types of

files that are associated with your incidents.
■ timestamp_job.csv. This file contains information about the DLP Supportability
Telemetry collection and transmission process, as well as your unique identifier
and customer name. It also specified whether this is a test or production
environment.
■ timestamp_monitor_channel.csv. This file lists the number of detection servers
you are running, as well as their type, such as Network Discover/Cloud Storage
Discover or Endpoint Prevent.
■ timestamp_prod_license.csv. This file contains information about the
Symantec products you have licensed.
■ timestamp_target_type.csv. This file contains information about your Network
Discover/Cloud Storage Discover targets.
■ timestamp_task.csv. This file contains information about the DLP Supportability
Telemetry task itself.

Scheduling automatic upload of your DLP Supportability Telemetry

information
You can schedule daily, weekly, or monthly automatic upload of telemetry information
from the Enforce Server administration console. The default upload schedule is
monthly, on the first day of the month at 2:00 A.M.
To schedule automatic upload of your DLP Supportability Telemetry information
1 In the Enforce Server administration console, go to System > Settings >
Supportability Telemetry.
2 Click Configure. The Edit Supportability Telemetry page appears.
3 In the Telemetry Information Upload section, specify an upload schedule:
■ Daily: Specify the hour of the day for automatic upload.
■ Weekly: Specify a day or multiple days of the week and an hour for
automatic upload.
■ Monthly: Specify a day of the month and an hour for automatic upload.

4 Click Save.
 About DLP Supportability Telemetry 9
Managing DLP Supportability Telemetry

Scheduling collection of your DLP Supportability Telemetry

information
You can schedule daily, weekly, or monthly collection of telemetry information to
Symantec from the Enforce Server administration console. The default collection
schedule is weekly, on Saturday at 2:00 A.M.
Telemetry information is collected whether or not you have opted in to sharing this
information with Symantec. You cannot disable collection of this information, but
you are not obligated to share it.
To schedule collection of your DLP Supportability Telemetry information
1 In the Enforce Server administration console, go to System > Settings >
Supportability Telemetry.
2 Click Configure. The Edit Supportability Telemetry page appears.
3 In the Telemetry Information Upload section, specify a collection schedule:
■ Daily: Specify the hour of the day for collection.
■ Weekly: Specify a day or multiple days of the week and an hour for
collection.
■ Monthly: Specify a day of the month and an hour for collection.

4 Click Save.

Specifying the age of DLP Supportability Telemetry information to

delete
You can specify the age of telemetry information for deletion from the Enforce
Server administration console. By default, DLP Supportability Telemetry information
is deleted after six months.
To specify the age of DLP Supportability Telemetry information to delete
1 In the Enforce Server administration console, go to System > Settings >
Supportability Telemetry.
2 Click Configure. The Edit Supportability Telemetry page appears.
3 In the Telemetry Information Deletion section, enter a number of weeks or
months in the Delete Information Older Than field.
4 Click Save.