Cisco Cisco Email Security Appliance C170 Guia Do Utilizador
17-24
Cisco AsyncOS 8.5.5 for Email Security User Guide
Chapter 17 Data Loss Prevention
RSA Enterprise Manager
Fingerprinting
If your Enterprise Manager deployment includes RSA’s DLP Datacenter, you can enable fingerprinting.
Fingerprinting improves detection of source code and sensitive documents including:
•
Databases
•
Full or partial text matches in the text of a document
•
Full binary match, which is a bit-by-bit exact match of a file
If you enable fingerprinting, Enterprise Manager sends fingerprinting detection information to the Email
Security appliance, and the Email Security appliance uses this information when scanning messages for
Data Loss Prevention.
Security appliance, and the Email Security appliance uses this information when scanning messages for
Data Loss Prevention.
For more information about fingerprinting, see the Enterprise Manager documentation.
Related Topics
•
Step 5
On the Email Security appliance, select RSA Enterprise
Manager for the ESA's DLP Mode and configure the
connection between the Email Security appliance and
Enterprise Manager.
Manager for the ESA's DLP Mode and configure the
connection between the Email Security appliance and
Enterprise Manager.
Step 6
Provide the LDAP distinguished names of message
senders to Enterprise Manager.
senders to Enterprise Manager.
Step 7
If you will export DLP policies from the Email Security
appliance and import them into Enterprise Manager, do so
now.
appliance and import them into Enterprise Manager, do so
now.
To export RSA Email DLP policies from the Email
Security appliance, see
Security appliance, see
.
To import the policies, see the RSA Enterprise Manager
documentation.
documentation.
Step 8
On Enterprise Manager, create DLP policies to:
•
identify the types of content to be considered
violations, and
violations, and
•
specify which actions will be taken for each
violation.
violation.
Follow instructions for creating DLP policies in RSA’s
documentation for DLP Datacenter, including the online
help and the technical note Managing Partner Device
DLP with Enterprise Manager.
documentation for DLP Datacenter, including the online
help and the technical note Managing Partner Device
DLP with Enterprise Manager.
Step 9
On Enterprise Manager, specify which DLP policies
apply to which senders and recipients by associating DLP
policies with Outgoing Mail Policies.
apply to which senders and recipients by associating DLP
policies with Outgoing Mail Policies.
See
Step 10
On Enterprise Manager, specify the order of the DLP
policies.
policies.
When the appliance evaluates messages for DLP
violations, it applies only the first matching policy in the
list.
violations, it applies only the first matching policy in the
list.
Order the DLP policies in Enterprise Manager. See the
RSA Enterprise Manager documentation.
RSA Enterprise Manager documentation.
Step 11
On the Email Security appliance, configure settings for
storage of and access to sensitive DLP information in
Message Tracking.
storage of and access to sensitive DLP information in
Message Tracking.
•
•
Do This
More Information