External ICAP DLP Integration
To configure DLP integration between SphereShield and a provider sign in to the Admin Portal's admin area.
I.E: http://example.comany.com/admin
Change the "Enable DLP Integration" Setting to "Yes" in Settings → DLP Integration, or by using the following URL: /admin/settings?category=settings_dlp_integration_category_header
Configure the following(bolded values are what need to be changed):
| General | ||
|---|---|---|
| Name | Values | Details |
| DLP Provider | Other/Symantec/ForcePoint (Websense)/Mcafee/Fidelis | The DLP Provider(Other is custom ICAP server) |
| DLP ICAP Server | IP/Hostname of the ICAP server | Enter the IP or the hostname for the ICAP Server |
| DLP ICAP Server port | Port number | Enter the port on which ICAP requests will be sent to the ICAP server |
| DLP ICAP Service Name | reqmod | this is the service in the Symantec Enforce server we need to contact.(default for most providers should be reqmod) |
| Enable Secure ICAP | Yes/No | Enable ICAP over TLS |
| DLP ICAP Block Message Pattern | The configured block message response from the ICAP server | The format of the message for a blocked message from the ICAP server |
Supported Providers Presets
| Provider | Service name | Block Message Pattern |
|---|---|---|
| Symantec | reqmod | Content blocked due to policy violation |
| ForcePoint (Websense) | reqmod | Not relevant |
| Mcafee | reqmod | Access Denied |
| Fidelis | fss-req | Access to this website is restricted by your administrator |
Example
