Data Loss Prevention

 View Only

  • 1.  limit of L7 filter

    Trusted Advisor
    Posted Dec 05, 2011 10:31 AM

    Hello,

     

      I am working for an important company which handles lot of email domains and to avoid generating incident when people send information to colleague for good business reason, i would like to put some exception on all these domains on our network monitor servers.

    In order to manage this centrally, i would like to use L7 filters but not sure i can handle the full list (around 150 email domains) that way. Does any of you already use L7 filters that way ?



  • 2.  RE: limit of L7 filter

    Posted Dec 05, 2011 11:45 AM

    Stephane, do a search for "Matching different keywords"   look for my post.   We tried to implement your exact scenario and ran into some problems.  150 is not too bad, we tried to do over 450.

     

    Let me know if you receive errors after you implement the L7 filter.

     

    Brian T



  • 3.  RE: limit of L7 filter

    Trusted Advisor
    Posted Dec 14, 2011 10:42 AM

    Hello,

     

     We didnt have any error after implementation of L7 filter but unfortunately there is a limit in caracter length (512) of list of domain to exclude. It seems quite strange to have a limit of this kind instead of a limit on the number of exception.

    It would have been nice to be able to change this limit or to have the same limit in UI to avoid putting full list and get a popup at the end saying that your list is too long.

     

     So at least for our list of domains (reduce in order to be compatible) with DLP constraint ti works fine.



  • 4.  RE: limit of L7 filter

    Posted Dec 20, 2011 04:42 AM

    How many IP we can exlude with this limitations?