Blue Coat Data Loss Prevention (DLP)

 View Only

  • 1.  Trouble with dlptest and fastmail + DLP 14.6 MP1

    Posted Jul 20, 2017 03:38 PM

    Hello,

    I have this issue, the client where i work using the DLP 14.6MP1 suite and the prevent for web server, and the traffic pass to 3 proxy bluecoat:

    ProxySG 900-20 SGOS 6.6.5.2
    ProxySG 900-20 SGOS 6.6.4.2
    ASG-S400-20     ASG 6.6.5.2

    And 1 F5 load balancer.

    I make this test, only one bluecoat proxy is configured to send icap traffic to DLP and all the categories are remove, only this two page , dlptest.com and fastmail.com are include in bluecoat.

    Install the Wireshark in the prevent for web server and collect traffic from this two page
    After add the domain live.com in bluecoat and some incident are generated, its possible a problem with the configuration in bluecoat?
    The F5 load balancer maybe is the problem?

    You can help me

     



  • 2.  RE: Trouble with dlptest and fastmail + DLP 14.6 MP1

    Posted Jul 29, 2017 02:56 AM

    Hi,

    If DLP incident are getting genreated for other URL which suppose to not send by Prxoy to DLP. 

    You need to check policy on Proxy under Web content layer-> Destination-> Request URL dlptest.com & fastmail.com

     

    Regards,

    Ajeet Kumar