Data Loss Prevention

 View Only

  • 1.  Exception for moving data to Networkshares.

    Posted Aug 01, 2012 05:48 AM

    Hi

     

    I have list of network share, which need to be exempted from policies, in order to do this, i included exception condition Copy network share, which exempts moving of data from Endpoint to network shares, but i need to exempt only few network shares not all, how to do this, can any one help me.



  • 2.  RE: Exception for moving data to Networkshares.

    Posted Aug 01, 2012 02:31 PM

    I believe the best way to do this is to write exceptions into the policies that scan for data going to network shares. That way if you have fileshares that are safe for one type of data, but not another, then you can make sure that only the safe type of data is stored there.



  • 3.  RE: Exception for moving data to Networkshares.

    Posted Aug 02, 2012 01:57 AM

    Hi jsneed,

     

    Thanks for your reply, me question is how to write exception in policies for specific network shares



  • 4.  RE: Exception for moving data to Networkshares.

    Posted Aug 02, 2012 07:07 AM

    Hi Naveen,

    Currently, DLP does not support IP filter for Network shares. Network share uses UNC and for DLP it is not considered as network event. You can use IP filter for protocols such as HTTP/FTP traffic.

    Endpoint File Copies to and from Network Shares does not currently have the ability to use filters to exclude specific destinations or sources. Advise User to put exception of copy to network share in policy in order to ignore monitoring of Endpoint File Copies to and from Network Share.



  • 5.  RE: Exception for moving data to Networkshares.

    Posted Sep 10, 2012 01:47 AM

    Hi Friend,

    It's in Symantec DLP roadmap as we discussed with support team



  • 6.  RE: Exception for moving data to Networkshares.

    Posted Sep 10, 2012 03:23 PM

    Naveen,

    I've not tried it so I can't tell you how well it would work (if at all), but you may want to try playing with the "Filter by Network Properties" section within the Agent Configuration. There are IP filters in here which may help in tryign to monitor the network share use case. As mentioned above though, it will likely be seen as a UNC and thus the IP won't help. I would try 2 approaches to test it out:

    • Try using the IP of the servers (if they are Dynamic, this may not really help)
    • Try putting in the host name and see what the result is

    Again, I don't know if it would work, but it may be worth at least trying. If not, then you'll be left with the resounding answer here which is we don't support it yet, but it's on the roadmap.



  • 7.  RE: Exception for moving data to Networkshares.

    Trusted Advisor
    Posted Oct 03, 2012 05:42 PM

    All,

    I have tried this myself and it does not work, in the current product. There is a feature request on exception filters around network shares by IP or by domain name. There is currently no ETA on it. Might happen in V12, but no idea