Cisco Cisco Web Security Appliance S190 Guía Del Usuario
C H A P T E R
16-1
AsyncOS 10.0 for Cisco Web Security Appliances User Guide
16
Prevent Loss of Sensitive Data
•
Overview of Data Security and External DLP Policies, page 13-1
•
Managing Upload Requests, page 13-2
•
•
•
•
•
•
•
Overview of Prevent Loss of Sensitive Data
The Web Security appliance secures your data by providing the following capabilities:
When the Web Proxy receives an upload request, it compares the request to the Data Security and
External DLP Policy groups to determine which policy group to apply. If both types of policies are
configured, it compares the request to Cisco Data Security policies before external DLP policies. After
it assigns the request to a policy group, it compares the request to the policy group’s configured control
settings to determine what to do with the request. How you configure the appliance to handle upload
requests depends on the policy group type.
External DLP Policy groups to determine which policy group to apply. If both types of policies are
configured, it compares the request to Cisco Data Security policies before external DLP policies. After
it assigns the request to a policy group, it compares the request to the policy group’s configured control
settings to determine what to do with the request. How you configure the appliance to handle upload
requests depends on the policy group type.
Note
Upload requests that try to upload files with a size of zero (0) bytes are not evaluated against Cisco Data
Security or External DLP policies.
Security or External DLP policies.
Option
Description
Cisco Data Security filters
The Cisco Data Security filters on the Web Security appliance evaluate
data leaving the network over HTTP, HTTPS and FTP.
data leaving the network over HTTP, HTTPS and FTP.
Third-party data loss
prevention (DLP) integration
prevention (DLP) integration
The Web Security appliance integrates with leading third party
content-aware DLP systems that identify and protect sensitive data. The
Web Proxy uses the Internet Content Adaptation Protocol (ICAP) which
allows proxy servers to offload content scanning to external systems
content-aware DLP systems that identify and protect sensitive data. The
Web Proxy uses the Internet Content Adaptation Protocol (ICAP) which
allows proxy servers to offload content scanning to external systems