Open the SphereShield Portal
Go to Settings→ DLP Integration (/admin/settings?category=settings_dlp_integration_category_header)
Enable DLP Integration by changing the "Enable DLP Integration" option to "Yes"
Choose DLP provider - 3rd Party or AGAT for Regex Based rules (Configure in /admin/DLPrules)

General configuration options

Proptery	Options	Description
General
Enable DLP	Yes/No	Enable DLP policy inspection
Enable DLP On	Bastion, SIP Filter	Enable inspection on a component(multichoice) Bastion - Enable DLP inspection for HTTP traffic(Relevant for Mobile devices, Webapp and MAC) SIP Filter - Enable DLP inspection for SIP traffic(Relevant for PC clients and federated traffic)
DLP Provider	AGAT/Other/Symantec/ForcePoint(WebSense)/Mcafee/Fidelis	The DLP provider that will be used for the Inspection AGAT - Sphereshield's internal DLP Engine based on regex (Regex rules can be configured under [Admin Portal] > [DLP Rules]) Other - Non-natively supported ICAP DLP Engine (Please contact support before using) Symantec Mcafee Fidelis
Block Traffic when DLP engine is not available	Yes/No	Block all inspected traffic In the case there is no response from the DLP server
Filter only outgoing IM Traffic	Yes/No(Default: Yes)	Filter only communication between internal and federation users
Enable DLP for conferences	Yes/No	Enables DLP inspection for conferences
Internal SIP Domain List	List of internal SIP domains	The list of the SIP domains that are used internally (used to differentiate between internal and federated users) In order to insert an internal domain enter your internal SIP domains in the textbox and then press Enter. Example of SIP domains: contoso.com *.greenhouse.com corp.domain.com
Include sub-domains of the internal SIP domain	Yes/No	Whether to include sub-domains under one level
Enable DLP Auditing	Yes/No	Record DLP events in the database, Events can be seen in the Admin portal under [Auditing] >[DLP Auditing]
Admin Notification
Admin notification type	[Log]/[Log and Mail]/[Log, Mail and IM]	The type of notification that will be utilized Options are: Log - Log in database, File, and Event viewer Log and Mail - Same as Log but also send mail to the configured administrator(Require to configure EMail notification, for more information see: How to configure IM and E-Mail Notifications?) Log, Mail and IM - Same as Log and Mail but also notify the administrator in a private message(Require the configuration of UCMA for more information see:How to configure IM and E-Mail Notifications? and UCMA integration
Admin notification recipient(email)	Recipient Email account	The recipient Admin Email account (Only relevant if mail is configured)
Admin notification recipient(IM)	Recipient IM SIP address	The Recipient Admin SIP address for IM(Only relevant if UCMA and IM notification is configured)
Admin notification recipient Message	IM Message content	The IM message content
Admin notification Email subject	Mail message content	The mail message content
DLP User Notification
User Notification Type	None/IM	Enable notification to the user in case of violation(Require UCMA integration)
User Notification Message	Message	The message that will be sent to the user in case of violation
User Block Message	Message	The message that will be sent to the user in case of violation on block mode
User Modify Message	Message	The message that will be sent to the user in case of violation on block mode in case of modify
Advanced
Record Active Directory Users Information	Yes/No	If set to "Yes", will fetch the CN of the AD user for enhanced logging. This might impact performance.(Required for DLP Providers in order to enforce policies based on groups)

Title	Creator	Modified
How to configure DLP integration with Symantec via RESTful API?	Agat Support	Apr 13, 2022
Symantec DLP Integration	Agat Support	Apr 13, 2022
External ICAP DLP Integration	Agat Support	Apr 13, 2022
How to Configure SphereShield for SfB DLP?	Agat Support	Aug 08, 2021