User Tools

Site Tools


dlp50

DLP

General information

DLP (Data Leak Prevention) is a technology for prevention of leak of confidential data from the internal network. DLP-system is based on the analysis of the data flow that goes through the network gateway. When confidential information is discovered in the flow, the protection enables and the transmission is blocked.

On the main page of the module you can find it’s status, the “Disable” button (or “Enable”, if the module is disabled) and last log messages.

Settings

Flags Use DLP for proxy and Use DLP for mail are the same as the correspondant flags in the “Proxy” and “Mail” modules, when marked, DLP module will check mail and HTTP-traffic for the fingerprints.

The flags Files hash, Templates, Key words, Text files fingerprints allow to define which criteria should define the confidentiality of the information and also it’s threshold.

The Consider the file size flag defines the maximum size of the files that would be checked, which allows to decrease system load.

The Use external DLP server flag allows to set an external server for checking.

DLP base

In this tab you can create a list of prints by files and key words, on which the check will be performed. Key words list also contains templates, which consist of regular expressions like in the proxy rules.

Events

The “Events” tab contains the list of all the lockings made by DLP. In each line you can see the user for which it was locked, and also the reason.

Log

In the “Log” tab you can find all the system messages from the module. It’s structure is the same as in the other modules.

dlp50.txt · Last modified: 2019/04/01 14:41 by root