Cisco Cisco Email Security Appliance C650 Guía Del Usuario
15-41
Cisco AsyncOS 8.0 for Email User Guide
Chapter 15 Data Loss Prevention
Working with DLP Incident Messages and Data
•
You can only roll back updates for appliances using the
dlprollback
CLI command at machine
level.
•
You can only check the status of an appliance’s DLP engine using the
dlpstatus
CLI command at
the machine level.
Rolling Back DLP Updates
This procedure returns the system to using the previous DLP engine and content matching classifiers.
Note
Rolling back DLP updates disables the DLP policies used in your mail policies.
Before You Begin
See also
Procedure
Step 1
In the CLI, use the
dlprollback
command.
Step 2
Re-enable the DLP policies used in your mail policies.
Working with DLP Incident Messages and Data
Note
See also the documentation for Enterprise Manager and/or the Security Management appliance, as
applicable to your deployment.
applicable to your deployment.
To
Do This
Search for messages containing DLP violations
using criteria such as DLP policy name, violation
severity, and action taken, and view details of
messages found
using criteria such as DLP policy name, violation
severity, and action taken, and view details of
messages found
See
For Enterprise Manager deployments, you can
also view messages in Enterprise Manager. See the
Enterprise Manager documentation.
also view messages in Enterprise Manager. See the
Enterprise Manager documentation.
View or manage messages that have been
quarantined as suspected DLP violations
quarantined as suspected DLP violations
See
For Enterprise Manager deployments: You can
view quarantined messages in Enterprise Manager
or the Email Security appliance, but you must use
Enterprise Manager to release or delete
quarantined messages.
view quarantined messages in Enterprise Manager
or the Email Security appliance, but you must use
Enterprise Manager to release or delete
quarantined messages.
View a summary of DLP incidents
See information about DLP Incident Summary
reports in
reports in