Video Screencast Help

DLP not blocking web Gmail account

Created: 13 Nov 2012 | 6 comments
Atif's picture

Hi Guys,

I have configured a policy on DLP to block a keywoard "xyz" with all protocols enabled (using AND condition in rule). When we send email through endpoint webmail like Yahoo, Gmail and hotmail, email gets through with keyword successfully via web Gmail while Yahoo and Hotmail are working fine and emails are getting blocked.

Is there any option to deal with Gmail web interface because I think it does not use POST field to submit email through web?


Discussion Filed Under:

Comments 6 CommentsJump to latest comment

pete_4u2002's picture

What's the browser you using?

I did check policy for the content keyword and it worked for Gmail. Can you check by removingthe and policy rule and verify if it works.

Atif's picture

Its not working even after removing the AND condition and second protocol rule.

Jsneed's picture

Gmail traffic is HTTPS and without the proper web proxy setup for Network discover, or the proper web browser for Endpoint it will not get blocked.  I would verify that you can see https posts on any site.

pete_4u2002's picture

is the HTTPS checked in teh agent configuration that's been applied to the detection server?

Atif's picture

HTTPs is enabled on SWG and DLP (in detection rule at protocol level and agent configuration).

HTTPs website like Gmail are working just fine but its just that blocking rule for a keyword is not working on Gmail web interface and other HTTPs websites. SWG is configured with SSL policy which is configured to intercept all kind of traffic. This policy is on the top in SWG policy configuration.