Data Loss Prevention

 View Only
  • 1.  Exceptions for Multiple Policies

    Posted Jan 23, 2013 10:03 AM

    Greetings:

    We have recently enabled some of the 'Acceptable Use' policies in our DLP application and have found that there are a large number of false positives generated when our users visit certain web sites (such as news sites). I have created exceptions for the sites that are causing the false positives, but since we have 5 of the acceptable use policies active, I need to re-enter the exceptions for each of the policies that we are using. Is there a way to create a central file of all of these exceptions so that any updates only need to be performed in one location?

    Thank you for any help that you may provide.



  • 2.  RE: Exceptions for Multiple Policies

    Broadcom Employee
    Posted Jan 23, 2013 10:24 AM

    Maybe you can try to add these exceptions on the configuration of your Agent Settings, not on the policy.



  • 3.  RE: Exceptions for Multiple Policies

    Posted Jan 23, 2013 10:51 AM
    This concerns a Policy on a network monitor (thus no agent).


  • 4.  RE: Exceptions for Multiple Policies

    Posted Jan 28, 2013 10:06 AM

    I have occasionally been able to accomplish this by using a data identifier.  You can do some pretty amazing things with all the validation options and the basic scripting that is available.  Then you only need to modify the data identifier to modify all the policies.

     

     

     

     



  • 5.  RE: Exceptions for Multiple Policies

    Posted Feb 07, 2013 11:34 PM

    Hi Chip,

    please read below

    https://www-secure.symantec.com/connect/forums/multiple-centralized-exception-policies-apply-more-one-group

    https://www-secure.symantec.com/connect/forums/monitoring-exception-dlp

    https://www-secure.symantec.com/connect/forums/exception-multiple-users

    https://www-secure.symantec.com/connect/articles/create-dlp-policy-add-exception-ignore-emails-send-internal-users