Cisco Cisco Email Security Appliance C170 Guia Do Utilizador
11-26
Cisco IronPort AsyncOS 7.6 for Email Configuration Guide
OL-25136-01
Chapter 11 Data Loss Prevention
Creating a DLP Policy Using the Custom Policy Template
You can create a custom DLP policy using the Custom Policy template add either a predefined RSA
classifier or a custom classifier to the policy. See
classifier or a custom classifier to the policy. See
for
instructions on creating a classifier.
Custom policies can return a DLP violation if the content matches a single classifier or all classifiers,
depending on how the policy is defined. To prevent false positives, a DLP policy can include a classifier
that the message content must not match. By checking the NOT checkbox for a classifier, a message that
includes matching content for the classifier is not reported as a DLP violation.
depending on how the policy is defined. To prevent false positives, a DLP policy can include a classifier
that the message content must not match. By checking the NOT checkbox for a classifier, a message that
includes matching content for the classifier is not reported as a DLP violation.
Step 1
Select Mail Policies > DLP Policy Manager.
Step 2
Click Add DLP Policy.
Step 3
Click the name of the Custom Policy category.
Step 4
Click Add for the Custom Policy template.
Step 5
Enter a name and description for the policy.
Step 6
Select a classifier for the policy. You can use an existing classifier or select the option Create a
Classifier.
Classifier.
Step 7
Click Add.
If you selected Create a Classifier, the Add Content Matching Classifier page opens. Otherwise,
the predefined classifier is added to the policy.
the predefined classifier is added to the policy.
Step 8
To add more than one classifier to the policy, repeat steps
.
Step 9
Optionally, you can limit the DLP policy to messages with specific recipients, senders, or attachment
types. You can separate multiple entries using a line break or a comma. For more information, see
types. You can separate multiple entries using a line break or a comma. For more information, see
and
Step 10
In the Critical Violations Settings section, choose the action to take on messages containing critical DLP
violations.
violations.
Step 11
If you want to define different settings for messages that match the high, medium, or low severity level,
uncheck the Inherit settings check box for the appropriate security level. Edit the overall action for the
message and the other settings.
uncheck the Inherit settings check box for the appropriate security level. Edit the overall action for the
message and the other settings.
Step 12
If you want to adjust the DLP violation severity scale for the policy, click Edit Scale and adjust the
settings. For more information, see
settings. For more information, see
.
Step 13
Submit and commit your changes.
The policy is added to the DLP Policy Manager.
Creating a Content Matching Classifier
When creating a custom policy, you can create a custom classifier by selecting the Create a Classifier
option. See
option. See
for more information on the rules and values required
to create a classifier.
After you have created and submitted the classifier, it will appear in the list of available classifiers when
creating a custom policy.
creating a custom policy.
Step 1
Enter a name and description for the classifier.