Руководство Пользователя для Cisco Cisco Email Security Appliance C170

You can search for a specific internal user (email address) via the search form at the bottom of the 
Internal Users page and the Internal User detail page. Choose whether to exactly match the search text 
or look for items starting with the entered text (for instance, starts with “ex” will match “example.com”).

The DLP Incidents page shows information on the incidents of data loss prevention (DLP) policy 
violations occurring in outgoing mail. The Cisco IronPort appliance uses the DLP email policies enabled 
in the Outgoing Mail Policies table to detect sensitive data sent by your users. Every occurrence of an 
outgoing message violating a DLP policy is reported as an incident. 

Using the DLP Incidents report, you can answer these kinds of questions:

What type of sensitive data is being sent by your users?

How severe are these DLP incidents?

How many of these messages are being delivered?

How many of these messages are being dropped?

Who is sending these messages?

The DLP Incidents page is comprised of two main sections: 

the DLP incident trend graphs summarizing the top DLP incidents by severity (Low, Medium, High, 
Critical) and policy matches, and

the DLP Incidents Details listing.

You can select a time range on which to report, such as an hour, a week, or a custom range. As with all 
reports, you can export the data for the graphs or the details listing to CSV format via the Export link 
or PDF format by clicking the Printable (PDF) link. For information about generating PDFs in 
languages other than English, see the