How to configure DLP integration with Symantec via ICAP?
To configure DLP integration between SphereShield and Symantec, we'll first need to sign into the AdminPortal's admin area.
I.E: http://example.comany.com/admin
Change the "Enable DLP Integration" Setting to "Yes" in Settings → DLP Integration, or by using the following URL: /admin/settings?category=settings_dlp_integration_category_header
Configure the following(bolded values are what need to be changed):
| General | ||
|---|---|---|
| Name | Values | Details |
| DLP Provider | Symantec | The DLP Provider, choose Symantec |
| Integration Method | ICAP | Select ICAP for the integration protocol |
| DLP ICAP Server | IP/Hostname of the Symantec Enforce server | Enter the IP or the hostname for the Symantec Enforce server |
| DLP ICAP Server port | Port number | Enter the port on which ICAP requests will be sent to the Symantec Enforce server. |
| DLP ICAP Service Name | reqmod | this is the service in the Symantec Enforce server we need to contact. |
| Enable Secure ICAP | Yes/No | Enable ICAP over TLS |
| DLP ICAP Block Message Pattern | The configured block message response from the ICAP server (default: Content blocked due to policy violation) | The format of the message for blocked message from the ICAP server |
Example
