Symantec Data Loss Prevention Policies

We can say DLP is pure policy driven the product. If you can't define policy or which data you want to protect then better you have to learn it first.

Define Policy:  In layman's word policy is nothing but the rules you define for data which you want to protect 

Symantec Data Loss Prevention enables you to:

■ Discover and locate confidential information in Box cloud storage, on file and Web servers, in databases, on mobile    devices, and on endpoints (desk and laptop systems)

■ Protect confidential information through quarantine

■ Monitor network traffic for transmission of confidential data

Technical Definition: 

Endpoint Prevent Policies (Endpoint)

• Block Email Communication to third Party Domains (Outlook)

  E.g. Gmail, yahoo, Hotmail, etc.

           Use: No user can send Emails to Third party domains defined in policy.

           Exception: Allowed user can Send Emails to external domains.

• Monitor Uploads over HTTPS/HTTP/FTP Protocol.

           Use: Monitors Each and Every Documents, Images, TextFiles upload.

           Exception: User can upload documents to sites allowed by Administrator.

• Temporary Email Exceptions

           Use: This policy allows a user to send emails to outside networks with the approval of the respective manager, and the manager will be notified by                Email wherever incident is generated for this particular users.

• Exception List

           Use: Group of people who have all the Rights. They are in exception list for rest of policies.

• USB Monitoring ( Not yet implemented )

           Use: Monitors each any every file transfer to USB devices and generate incidents.

           E.g. Documents, Images, etc.

           Exceptions: Allowed users can be in exceptions.

For more download the attachment...  :)  Thanks.