Cisco Cisco Email Security Appliance C170 Guía Del Usuario
18-14
User Guide for AsyncOS 9.8 for Cisco Email Security Appliances
Chapter 18 Data Loss Prevention
DLP Policies for RSA Email DLP
Related Topics
•
Classifier Detection Rules for Identifying Sensitive Content (Custom DLP Policies Only)
Content matching classifiers require rules for detecting DLP violations in a message or document.
Classifiers can use one or more of the following detection rules:
Classifiers can use one or more of the following detection rules:
•
Words or Phrases. A list of words and phrases for which the classifier should look. Separate
multiple entries with a comma or line break.
multiple entries with a comma or line break.
•
Regular Expression. A regular expression to define a search pattern for a message or attachment.
You can also define a pattern to exclude from matching to prevent false positives. See
You can also define a pattern to exclude from matching to prevent false positives. See
for more information.
•
Dictionary. A dictionary of related words and phrases. Your appliance includes dictionaries created
by RSA, or you can create your own. See
by RSA, or you can create your own. See
.
•
Entity. A predefined pattern that identifies common types of sensitive data, such as credit card
numbers, addresses, social security numbers, or ABA routing numbers. For descriptions of the
entities, go to Mail Policies > DLP Policy Manager, click Add DLP Policy, click Privacy
Protection, then click Display Policy Descriptions.
numbers, addresses, social security numbers, or ABA routing numbers. For descriptions of the
entities, go to Mail Policies > DLP Policy Manager, click Add DLP Policy, click Privacy
Protection, then click Display Policy Descriptions.
Regular Expressions for Identifying Identification Numbers
Some policy templates require customization of one or more content matching classifiers, which
involves creating a regular expression to search for identification numbers that may be linked to
confidential information, such as a custom account number, patient identification number or Student ID.
The style of regular expressions used for content matching classifiers is the POSIX Basic Regular
Expression style regular expressions.
involves creating a regular expression to search for identification numbers that may be linked to
confidential information, such as a custom account number, patient identification number or Student ID.
The style of regular expressions used for content matching classifiers is the POSIX Basic Regular
Expression style regular expressions.
Note
Regular expressions are case sensitive, so they should include upper and lower case, such as
[a-zA-Z]
.
If only certain letters are used, you can define the regular expression accordingly.
The less specific the pattern, such as an 8-digit number, the more likely you will want the policy to search
for additional words and phrases to distinguish a random 8-digit number from an actual customer
number.
for additional words and phrases to distinguish a random 8-digit number from an actual customer
number.
Use the following table as a guide for creating regular expressions for classifiers: