- Open the SphereShield Portal
- Go to Settings→ DLP Integration (/admin/settings?category=settings_dlp_integration_category_header)
- Enable DLP Integration by chaning changing the "Enable DLP Integration" option to "Yes"
- Choose DLP provider - 3rd Party or AGAT for Regex Based rules (Configure in /admin/dlprules)
...
- /DLPrules)
General configuration options
Proptery | Options | Description |
---|---|---|
General | ||
Enable DLP | Yes/No | Enable DLP policy inspection |
Enable DLP On | Bastion, SIP Filter | Enable inspection on a component(multichoice)
|
DLP Provider | AGAT/Other/Symantec/ForcePoint(WebSense)/Mcafee/Fidelis | The DLP provider that will be used for the Inspection
|
Block Traffic when DLP engine is not available |
...
Yes/No | Block all inspected traffic In the case there is no response from the |
...
DLP server |
Filter only outgoing IM Traffic |
---|
...
Yes/No(Default: Yes) | Filter only communication between internal and federation users | |
Enable DLP for conferences |
...
Yes/No | Enables DLP inspection for conferences | |
Internal SIP Domain |
...
List | List of internal SIP domains | The list of the SIP domains that are used internally (used to differentiate between internal and federated users) In order to insert an internal domain enter your internal SIP domains |
---|
...
in the textbox and then press Enter. Example of SIP domains:
| ||
Include sub-domains of the internal SIP domain | Yes/No | Whether to include sub-domains under one level |
---|---|---|
Enable DLP Auditing | Yes/No | Record DLP events in the database, Events can be seen in the Admin portal under [Auditing] >[DLP Auditing] |
Admin Notification | ||
Admin notification type | [Log]/[Log and Mail]/[Log, Mail and IM] | The type of notification that will be utilized Options are:
|
Admin notification recipient(email) | Recipient Email account | The recipient Admin Email account (Only relevant if mail is configured) |
Admin notification recipient(IM) | Recipient IM SIP address | The Recipient Admin SIP address for IM(Only relevant if UCMA and IM notification is configured) |
Admin notification recipient Message | IM Message content | The IM message content |
Admin notification Email subject | Mail message content | The mail message content |
DLP User Notification | ||
User Notification Type | None/IM | Enable notification to the user in case of violation(Require UCMA integration) |
User Notification Message | Message | The message that will be sent to the user in case of violation |
User Block Message | Message | The message that will be sent to the user in case of violation on block mode |
User Modify Message | Message | The message that will be sent to the user in case of violation on block mode in case of modify |
Advanced | ||
| Yes/No | If set to "Yes", will fetch the CN of the AD user for enhanced logging. This might impact performance.(Required for DLP Providers in order to enforce policies based on groups) |
...
Related Articles:
Content Report Table | ||
---|---|---|
|
...