Cisco Cisco Content Security Management Appliance M390 Mode D'Emploi
4-32
Cisco IronPort AsyncOS 8.0 for Security Management User Guide
Chapter 4 Using Centralized Email Security Reporting
Click the name of a DLP policy to view detailed information on the DLP incidents detected by the policy.
You can use this method to get a list of users who sent mail that contained sensitive data detected by the
policy.
You can use this method to get a list of users who sent mail that contained sensitive data detected by the
policy.
DLP Incidents Details Table
The DLP Incident Details table is an interactive table that shows the total number of DLP incidents per
policy, with a breakdown by severity level, and whether any of the messages were delivered in the clear,
delivered encrypted, or dropped. Click the column headings to sort the data.
policy, with a breakdown by severity level, and whether any of the messages were delivered in the clear,
delivered encrypted, or dropped. Click the column headings to sort the data.
To find out more information about any of the DLP Policies listed in this table, click the name of the
DLP Policy and the DLP Policy Page appears.For more information, see
DLP Policy and the DLP Policy Page appears.For more information, see
DLP Policy Detail Page
If you click on a name of a DLP policy in the DLP Incident Details table, the resulting DLP Policy Detail
page displays the DLP incidents data for the policy. The page displays graphs on the DLP Incidents
based by Severity.
page displays the DLP incidents data for the policy. The page displays graphs on the DLP Incidents
based by Severity.
The page also includes an Incidents by Sender table at the bottom of the page that lists each internal user
who has sent a message that violated the DLP policy. The table also shows the total number of DLP
incidents for this policy per user, with a breakdown by severity level, and whether any of the messages
were delivered in the clear, delivered encrypted, or dropped. You can use the Incidents by Sender table
to find out which users may be sending your organization’s sensitive data to people outside your
network.
who has sent a message that violated the DLP policy. The table also shows the total number of DLP
incidents for this policy per user, with a breakdown by severity level, and whether any of the messages
were delivered in the clear, delivered encrypted, or dropped. You can use the Incidents by Sender table
to find out which users may be sending your organization’s sensitive data to people outside your
network.
Clicking the sender name opens up the Internal Users page. See the
for more information.
Content Filters Page
The Email > Reporting > Content Filters page shows information about the top incoming and outgoing
content filter matches (which content filter had the most matching messages). The page displays the data
as both bar charts and listings. Using the Content Filters page, you can review your corporate policies
on a per-content-filter or per-user basis and answer the following types of questions:
content filter matches (which content filter had the most matching messages). The page displays the data
as both bar charts and listings. Using the Content Filters page, you can review your corporate policies
on a per-content-filter or per-user basis and answer the following types of questions:
•
Which content filter is triggered the most by incoming or outgoing mail?
•
Who are the top users sending or receiving mail that triggers a particular content filter?
Top DLP Policy Matches
The top DLP Policies that have been matched.
DLP Incident Details
The DLP Incident Details table shows the total number of
DLP incidents per policy, with a breakdown by severity level,
and whether any of the messages were delivered in the clear,
delivered encrypted, or dropped.
DLP incidents per policy, with a breakdown by severity level,
and whether any of the messages were delivered in the clear,
delivered encrypted, or dropped.
For more information on the DLP Incidents Details table, see
the
the
.
Table 4-9
Details on the Email > Reporting > DLP Incident Summary Page
Section
Description