Add DLP Rules

---

Create DLP Rules using this screen.

Add DLP Rules

       

● Users/Group: Select Users/Group radio button, to add users or group for DLP scanning or Select ALL radio button, to enable DLP scanning for the entire network.

● Services: Select the service from the drop down list to enable DLP, also Set Filters to drill down to the exact matching data, by clicking on to remove Filters click on . If there are no filters set in DLP rule, it will capture complete data for the DLP rule configured.

⇒ Generic: All http & https traffic going through the firewall are monitored.

→ Http: Captures http header level data.

→ SMTP: Smtp header level data is captured.

→ File Upload: All uploads from http & https are scrutinized by the firewall.

⇒ Web Mails: View or Block access to Personal emails. Mails of the below mentioned web clients can be seen word by word with attachments.

→ Gmail

→ Yahoo

→ Rediff

→ MSN Live

→ Sify Mail

⇒ Orkut: Log data going through Social Networking Sites, with all the below options covered.

→ Orkut Scrap

→ Orkut Message

→ Orkut Forum Post

→ Orkut Forum Event

⇒ Facebook: Popular used Social Networking site for business, now keep track of data going out of Facebook, with all the mentioned optioned covered.

→ Facebook Wall

→ Facebook Message

→ Facebook Forum Post

→ Facebook Comment

→ Facebook Note

→ Face        book Event

⇒ IM Chat: Chats & file upload happening through below mentioned IM clients can be recorded on the firewall.

→ Yahoo Chat

→ Jabber Chat

→ MSN Chat

→  Gadu Chat

⇒ Web Chat: Web chats are handy tools, used on Web 2.0. Transcription also possible of the below mentioned Web chats clients.

→ Yahoo Web Chat

→ Gmail Web Chat

→ Orkut Web Chat

→  Facebook Web Chat

⇒ SMTP Mails: Log the entire mail with attachment, to analyze Data leak. Works on port 25.

→ SMTP Mails

● Timeset: Set timeline for DLP rules to monitor data (default timeline is 24 hours monitoring enabled. Recommended) or set new time line according to your requirements.

● Alert: Set email alerts for DLP communications. Example alerts on file upload, email sent from personal web mail, etc.

● Log: Enable check box to capture & view outbound DLP data.  

● Action: Action to be assigned to a DPL Policy.

⇒ Allow: Allow access if criteria matches to DLP policy.

⇒ Proceed: Scans DLP policy & push down for further more scanning through other DLP policies.

⇒ Block: Will deny access to the said policy & will log the same.

● Status: Decide whether the rule should be active or inactive.

⇒ Active: DLP engine passes data through active DLP policies.

⇒ Inactive: Inactive DLP policies are bypassed by DLP engine.