Data Loss Prevention

 View Only

  • 1.  How to let users login by AD and check their incidents?

    Posted Mar 17, 2013 11:01 PM

    My customer want DLP Enforce can let domain users login by Active Directory Authentication and check himself/herself incidents like some antispam device interface, it it possible? I have an idea to make a role for domain users, but how to config "Incident Access" condition to make users only can see himself/herself incidents?



  • 2.  RE: How to let users login by AD and check their incidents?

    Broadcom Employee
    Posted Mar 18, 2013 01:41 AM

    its in the role, you can define what all incidents that role can view.



  • 3.  RE: How to let users login by AD and check their incidents?

    Trusted Advisor
    Posted Mar 18, 2013 04:25 AM

    Hi rexlin,

     

     dont think it is possible as you cannot use dynamic parameters (like login name, or group membership,...) in role definition. So you will have to define one role per user (oumf...).

     First time i heard about this kind of wish for a customer. What will happen if it is a real data leakage ? if you need to perform awareness using the tool, i think it is better to use endpoint popup each time you detect something. But "customer is our king" and if he want to have this functionality you have to do give him. What you can use instead it is an email send to them to inform that they violate a policy and give some information using dynamic notification parameters.

     

    regards.



  • 4.  RE: How to let users login by AD and check their incidents?
    Best Answer

    Posted Mar 18, 2013 05:35 PM

    You can use the symantec workflow engine (which is free for enterprise customers) to do this.  Check out this forum post and video.

    https://www-secure.symantec.com/connect/videos/want-know-how-self-remediate-using-symantec-data-loss-prevention-and-workflow