Cisco Cisco Email Security Appliance X1050 Guía Del Usuario
11-13
Cisco IronPort AsyncOS 7.5 for Email Configuration Guide
OL-25136-01
Chapter 11 Data Loss Prevention
Finish creating the policy and enable it in an outgoing mail policy. Submit and
commit your changes. Now, if the policy detects the number pattern in an
outgoing message with the phrase “Patient ID” in close proximity, it will return a
DLP violation.
commit your changes. Now, if the policy detects the number pattern in an
outgoing message with the phrase “Patient ID” in close proximity, it will return a
DLP violation.
For information on how to create a regular expression, see
. For more information on how
content matching classifiers detect DLP violations, see
.
Filtering Messages for DLP Policies
You have the option of limiting a DLP policy to scanning only messages based on
specific information first detected by AsyncOS. DLP policy scanning can be
limited by the following information:
specific information first detected by AsyncOS. DLP policy scanning can be
limited by the following information:
•
Senders and recipients
•
Attachment types
•
Message tags
Filtering Senders and Recipients
You can limit the DLP policy to scan messages with specific recipients or senders
in one of the following ways:
in one of the following ways:
•
Full email address:
user@example.com
•
Partial email address:
user@
•
All users in a domain:
@example.com
•
All users in a partial domain:
@.example.com
You can separate multiple entries using a line break or a comma.
For an outgoing message, AsyncOS first matches the recipient or sender to an
outgoing mail policy. After the recipient or sender is matched, RSA Email DLP
then matches the sender or recipient to the DLP policies enabled for the mail
policy.
outgoing mail policy. After the recipient or sender is matched, RSA Email DLP
then matches the sender or recipient to the DLP policies enabled for the mail
policy.