First of all,
Did you install the Symantec DLP Plugin for ISA?
Secondly, I need more data in order to understand the issue.
What type of rule did you create (DCM,IDM,EDM)?
do you see Internet Traffic going through the Endpoint Prevent for web? (you can see that on - Servers>Traffic).

Regards,
Naor Penso

Naor Penso, Thanks for your reply.

First of all, already integrated with ISA successfully and can see Internet Traffic in "Servers>Traffic"

And then we had a  keyword policy (DCM) and response rule is HTTP/HTTPS block.

We tried to search that keyword in the google but haven't got any response and no incident.

Pls advise.

Thanks a lot.

Sunny

Hi,
Do you see an Incident?
I mean, do you get an incident but it doesn't block the traffic?
Regards,
Naor Penso

Hi Sunny,

Unless you enable GET processing in the ISA plugin configuration you would not generate an incident based on a web search on Google. You need to POST or PUT something in order for the request to be inspected by Web Prevent.

Also, the ISA plugin does not support HTTPS traffic, so keep that in mind in your testing.

Finally, the procesing of GET requests is definitely not recommended as it would send massive amounts of traffic for inspection to the Web Prevent server, but with little practical value as almost all that traffic will contain zero data loss risk.

If you want to test your policy, try sending an email through gmail (make sure its a non-HTTPS session) or posting something on a blog etc.

That way you will be able to expect traffic to be sent to the Web Prevent server for inspection.

Thank you,

Daniel