Data Loss Prevention

Hello Friends,

Kindly help me in capturing the entire chat activity on Yahoo Messenger through DLP Endpoint Agent solution (DLP 12.0).

Please provide some appropriate solution/configuration setting that has to be done.

Regards

login into DLP console --> System --> Agents  --> Agent Configuration , enable Yahoo IM and click to save it.

Dear New2Symantec,

You will recieve incidents each time there's traffic flowing to/from YAHOO IM.In this way, each msg typed and sent over IM will be a separate incident. It's better to Configure a Policy and describe the content you want to monitor along with the selection of protocol "Yahoo IM' so that you recieve incidents only from Yahoo IM and no other protocols.

Hope that Helps ..

Hello,

I want to get the entire content that a sender and receiver types to get reflected in the incidents. I tried using regular expression "." to get that content but to no avail. Only a part of chat gets reflected and not the entire chat.

Some of the chats are getting captured in the Network incidents and the chats are getting properly reflected over there..But not in the endpoints. I want to leverage the endpoint agents to receive incidents/chats from Yahoo messenger and the chats should get reflected in the "Message Body" just the way it does in the Network incidents.

I have already listed Yahoo messenger in the "Application Monitoring" tab.

Am I missing any step?

Try deactivating Yahoo IM Monitoring from Network Monitor, may be in this way you will be able to get the full chat conversation on the Endpoint Level. (I'm not sure but, you will have to give it a try)

Hi ,

You can monitor AIM or any other instant messaging who runs on TCP protocol/connection. DLP cant monitor any traffic on UDP . To monitor Yahoo you need to configure in agent configuration as shown above or need to configure on protocol setting in System->Ganeral tab.