Video Screencast Help

Creat group and assign policy

Created: 01 Feb 2013 | 6 comments

Hi All,

How to Creat group and assign policy to that group (for only one Department) and we need to white list few IP Adress and Email's for that group only in symantec DLP 11.5.

Comments 6 CommentsJump to latest comment

fivelakes's picture

There is a great step by step information as to how to do this in the admin guide.  It's called DGM or directory group matching.  

You have to create the connection, then assign it to a policy once the directory has been created.  If you do not have the admin guide please get it and take a look at it and try it out.  

Mohan G kumar's picture

I want to create Costumer Support group and we need to move users from default group to Customer Support group and need to exclude few IP Address and Email Id for only on that group.

Remaining groups it should work normally and we have Endpoint DLP, Network DLP, and Discover DLP.
Kindly provide me the Steps for the same.

zafar1907's picture


check this forum

How To Create DLP Policy for Special User Group

Hope This Helps!!!


Thanks and Regards,

Mohammad zafar

Please Mark as solution if this comment solved your Issue....

Mohan G kumar's picture

After Creating group with AD.
How to Exclude Few Domain ID's and IP Address and email for that group
Kindly provide me the steps for the same.

kishorilal1986's picture

Open the policy in question that is triggering the incidents and blocking confidential information being sent.

1. Set an exception on the Detections tab of the policy for the relevant user's actions*. 
2. Open the policy in question. 
3. On the Detection tab click on the Add Exception button
4. Under Protocol check the option Protocol or Endpoint Monitoring
5. Then click on the Next button. 
6. Enter an Exception Name
7. Under Conditions select the options required by ticking each box required. eg. HTTP, SMTP, Local Drive, Removable Storage, Copy to Network Share, Clipboard,..etc.
8. Go to the bottom and select the dropped Also Match down box and look for and select Sender/User Matches Pattern
9. Click on Add button
10. A new box will appear on screen for Sender Pattern, enter the domain username of the users you want to exclude from the policy. 
11. Click OK button to finish.