Data Loss Prevention

 View Only

  • 1.  creating policy

    Posted Aug 05, 2013 04:53 AM

    hi all,

     

    do you have the pdf  regarding on how to create policy?

    and how it report to incidents/?

     

     

    thank you



  • 2.  RE: creating policy

    Posted Aug 05, 2013 04:57 AM

    Hi,

    There are no special guide for the policy configuration, but, you can find some useful information on theSymantec_DLP_10.5_Admin_Guide.pdf. The chapter 8 is named 'Authoring policies', this may be helpful to you.



  • 3.  RE: creating policy

    Posted Aug 05, 2013 04:59 AM

    which policy you are required.



  • 4.  RE: creating policy
    Best Answer

    Posted Aug 05, 2013 05:00 AM
    Hi To achieve above task first u need to install network or endpoint components on which u wanted to blocj such content based on content/filetype.U can create test policy and configure to block (DCM) -keywords to block and apply on each componet i.e network or endpoint. Open the policy in question that is triggering the incidents and blocking confidential information being sent. 1. Set an exception on the Detections tab of the policy for the relevant user's actions*. 2. Open the policy in question. 3. On the Detection tab click on the Add Exception button 4. Under Protocol check the option Protocol or Endpoint Monitoring 5. Then click on the Next button. 6. Enter an Exception Name 7. Under Conditions select the options required by ticking each box required. eg. HTTP, SMTP, Local Drive, Removable Storage, Copy to Network Share, Clipboard,..etc. 8. Go to the bottom and select the dropped Also Match down box and look for and select Sender/User Matches Pattern 9. Click on Add button 10. A new box will appear on screen for Sender Pattern, enter the domain username of the users you want to exclude from the policy. 11. Click OK button to finish. Check the chapter on 'Authoring policies' in Admin Guide > https://www-secure.symantec.com/connect/forums/cre... https://www-secure.symantec.com/connect/articles/c... https://www-secure.symantec.com/connect/articles/c... https://www-secure.symantec.com/connect/articles/d... https://www-secure.symantec.com/connect/forums/cre...


  • 5.  RE: creating policy

    Posted Aug 05, 2013 05:01 AM

    Hello,

    Could you plz explain me what you are looking for?



  • 6.  RE: creating policy

    Broadcom Employee


  • 7.  RE: creating policy

    Posted Aug 05, 2013 11:17 PM

    hi,

    thank you guys,

    i'm just wonderin'

    those channels for protocol/endpoint monitoring?

    if i create policy and click those all http/https

    email/smtp and ftp.

     

    is this canbe work withouy the network MOnitoring?????



  • 8.  RE: creating policy

    Posted Aug 06, 2013 02:42 AM

    The best way to do this is to learn in a lab. Maybe you should start looking at the existing policies and start testing them with dummy incidents, then play around with the various options and see how it reacts. You can then work with the ecsiting policy templates as well and this should give you enough hands on experiance to create policies of your own.



  • 9.  RE: creating policy

    Posted Aug 07, 2013 12:00 AM
    Hi mbuenaobra, any update your problem is solve or not.