User Tools

Site Tools


dlp50

DLP

General information

DLP (Data Leak Prevention) is technology for prevention of leak of confidential data from the internal network. DLP-system is based on analysis of the data flow that goes through the network gateway. When confidential information is discovered in the flow, the protection fires and the transmission is blocked.

On the main page of the module you can find it’s status, the “Disable” button (or “Enable”, if the module is disabled) and last log messages.

Settings

Flags “Use DLP for proxy” and “Use DLP for mail” are the same as the corresponding flags in “Proxy” and “Mail” modules, when selected, DLP module will check mail and HTTP-traffic for fingerprints.

The flags “Files hash”, “Templates”, “Key words”, “Text files fingerprints” allow to define which criteria should define the confidentiality of the information and also it’s threshold.

The “Consider the file size” flag defines maximum size of files that would be checked, which allows to decrease system load.

The “Use external DLP server” flag allows to set an external server for checking.

DLP base

In this tab you can create list of fingerprints by files and key words, on which the check will be performed. Key words list also contains templates, which consist of regular expressions like in proxy rules.

Events

The “Events” tab contains list of all the locks imposed by by DLP. In each line you can see the user for which it was locked, and also the reason.

Log

In the “Log” tab you can find all system messages from the module. It’s structure is the same as in the other modules.

dlp50.txt · Last modified: 2020/04/07 19:10 by zog