Cisco Cisco Content Security Management Appliance M1070 Mode D'Emploi
3-25
Cisco IronPort AsyncOS 7.2.0 for Security Management User Guide
OL-21768-01
Chapter 3 Using Centralized Email Reporting
DLP Incident Summary Page
The DLP Incident Summary page shows information on the incidents of data loss
prevention (DLP) policy violations occurring in outgoing mail. The Cisco
IronPort appliance uses the DLP email policies enabled in the Outgoing Mail
Policies table to detect sensitive data sent by your users. Every occurrence of an
outgoing message violating a DLP policy is reported as an incident.
prevention (DLP) policy violations occurring in outgoing mail. The Cisco
IronPort appliance uses the DLP email policies enabled in the Outgoing Mail
Policies table to detect sensitive data sent by your users. Every occurrence of an
outgoing message violating a DLP policy is reported as an incident.
Using the DLP Incident Summary report, you can answer these kinds of
questions:
questions:
•
What type of sensitive data is being sent by your users?
•
How severe are these DLP incidents?
•
How many of these messages are being delivered?
•
How many of these messages are being dropped?
•
Who is sending these messages?
The DLP Incident Summary page contains two main sections:
•
the DLP incident trend graphs summarizing the top DLP incidents by severity
(Low, Medium, High, Critical) and policy matches, and
(Low, Medium, High, Critical) and policy matches, and
•
the DLP Incident Details listing.
You can select a time range on which to report (day, week, month, or year). As
with all reports, you can export the data for the graphs or the details listing to CSV
format via the Export link or PDF format by clicking the Printable (PDF) link.
with all reports, you can export the data for the graphs or the details listing to CSV
format via the Export link or PDF format by clicking the Printable (PDF) link.