Cisco Cisco Email Security Appliance C170 Guía Del Usuario
18-20
User Guide for AsyncOS 9.8 for Cisco Email Security Appliances
Chapter 18 Data Loss Prevention
DLP Policies for RSA Email DLP
About Assessing Violation Severity
When the DLP scanning engine detects a potential DLP violation, it calculates a risk factor score that
represents the likelihood that the instance actually is a DLP violation. The policy compares the risk
factor score to the Severity Scale defined in that policy in order to determine the severity level (for
example, Low or Critical.) You specify the action to take for violations at each severity level (except
Ignore, for which no action is ever taken.) You can adjust the risk factor scores required to reach each
severity level.
represents the likelihood that the instance actually is a DLP violation. The policy compares the risk
factor score to the Severity Scale defined in that policy in order to determine the severity level (for
example, Low or Critical.) You specify the action to take for violations at each severity level (except
Ignore, for which no action is ever taken.) You can adjust the risk factor scores required to reach each
severity level.
Related Topics
•
Adjusting the Severity Scale
All policies have a default severity scale. You can adjust this scale for each policy.
For example, by default, a violation has a severity level of Critical if its risk factor score is between 90
and 100. However, for violations that match a particular policy, you may want increased sensitivity to
potential data loss. For this DLP policy, you could change the Critical severity level to any violation with
a risk factor score between 75 and 100.
and 100. However, for violations that match a particular policy, you may want increased sensitivity to
potential data loss. For this DLP policy, you could change the Critical severity level to any violation with
a risk factor score between 75 and 100.
Procedure
Step 1
Select Mail Policies > DLP Policy Manager.
Step 2
Click the name of the policy to edit.
Step 3
In the Severity Settings section, click Edit Scale...
Step 4
Use the scale’s arrows to adjust the scores for the severity levels.
Step 5
Click Done.
Step 6
In the Severity Scale table, verify that your scores are as you want them.
Step 7
Click Submit.
Related Topics
•
Arranging the Order of the Email DLP Policies for Violation Matching
If a DLP violation matches more than one of the DLP policies enabled in the outgoing mail policy, only
the first matching DLP policy in the list is used.
the first matching DLP policy in the list is used.
Procedure
Step 1
On the DLP Policy Manager page, click Edit Policy Order.
Step 2
Click on the row for a policy you want to move and drag it to a new position in the order.