Email DLP Quick Start



Similar documents
Web DLP Quick Start. To get started with your Web DLP policy

Web DLP Quick Start. To get started with your Web DLP policy

Releasing blocked in Data Security

Configuration Information

TRITON - Data Security Help

Configuration Information

1. Open the preferences screen by opening the Mail menu and selecting Preferences...

Update Instructions

NETWRIX EVENT LOG MANAGER

Installing Policy Patrol on a separate machine

ing from The E2 Shop System address Server Name Server Port, Encryption Protocol, Encryption Type, SMTP User ID SMTP Password

Update Instructions

Setup Guide for Exchange Server

PureMessage for Microsoft Exchange Help. Product version: 4.0

NETWRIX EVENT LOG MANAGER

SaaS Encryption Enablement for Customers, Domains and Users Quick Start Guide

Outlook Express. Make Changes in Red: Open up Outlook Express. From the Menu Bar. Tools to Accounts - Click on Mail Tab.

MadCap Software. Upgrading Guide. Pulse

Configuration Task 3: (Optional) As part of configuration, you can deploy rules. For more information, see "Deploy Inbox Rules" below.

Delegated Administration Quick Start

Novell ZENworks Asset Management 7.5

PureMessage for Microsoft Exchange Help. Product version: 3.1

Update Instructions

1. Open the preferences screen by opening the Mail menu and selecting Preferences...

Instructions for Microsoft Outlook 2003

Deploying Layered Security. What is Layered Security?

Spambrella SaaS Encryption Enablement for Customers, Domains and Users Quick Start Guide

If you encounter difficulty or need further assistance the Archdiocesan help desk can be reached at (410) , option 1. Access Methods:

Using TLS Encryption with Microsoft Outlook 2007

Setting up Microsoft Office 365

Set Up Setup with Microsoft Outlook 2007 using POP3

Merak Outlook Connector User Guide

Netwrix Auditor for Windows Server

Data Protection. Administrator Guide

Client Configuration Secure Socket Layer. Information Technology Services 2010

Spambrella SaaS Encryption Enablement for Customers, Domains and Users Quick Start Guide

Websense Security Transition Guide

Netwrix Auditor for SQL Server

Outlook Express. Make Changes in Red: Open up Outlook Express. From the Menu Bar. Tools to Accounts - Click on. User Information

Trustwave SEG Cloud Customer Guide

Basic Exchange Setup Guide

CHARTER BUSINESS custom hosting faqs 2010 INTERNET. Q. How do I access my ? Q. How do I change or reset a password for an account?

Migration Manual (For Outlook Express 6)

Setting up Microsoft Office 365

To configure Outlook Express for your InfoMetrics address:

F-Secure Messaging Security Gateway. Deployment Guide

Using Your New Webmail

Configuration Guide. Follow the simple steps given in this document when you are going to run Lepide Active Directory Cleaner for the first time.

Installing Policy Patrol with Lotus Domino

Quick Start Policy Patrol Spam Filter 9

Outlook Express. Make Changes in Red: Open up Outlook Express. From the Menu Bar. Tools to Accounts - Click on Mail Tab.

Patriots Outlook Configuration

SonicWALL Security Quick Start Guide. Version 4.6

Netwrix Auditor for Active Directory

Erado Archiving & Setup Instruction Microsoft Exchange 2007 Push Journaling

Update Instructions

Creating a Content Group and assigning the Encrypt action to the Group.

Configuring Outlook 2013 For IMAP Connections

BOTTOM UP THINKING SETUP INSTRUCTIONS. Unique businesses require unique solutions CLIENT GUIDE

Core Protection Suite

TRITON - Data Security Help

Using Your New Webmail

How to set up your Secure in Outlook 2010*

RoomWizard Synchronization Software Manual Installation Instructions

All existing accounts will be listed. 2. Click Add and select Mail to add a new account (see Figure 2). Figure 1. Figure 2

Netwrix Auditor for Exchange

ArcMail Technology Defender Mail Server Configuration Guide for Microsoft Exchange Server 2003 / 2000

1. Open the Account Settings window by clicking on Account Settings from the Entourage menu.

10 Step 2 System Service Setup. 11 Step 3 RelayFax Server Setup. 11 Step 4 Company Name and CSID String. 12 Step 5 Fax and Voice Number

Moving the TRITON Reporting Databases

GFI Product Manual. Administration and Configuration Manual

Versions Addressed: Microsoft Office Outlook 2010/2013. Document Updated: Copyright 2014 Smarsh, Inc. All right reserved

Core Filtering Admin Guide

Migration Manual (For Outlook 2010)

Dell SupportAssist Version 2.0 for Dell OpenManage Essentials Quick Start Guide

Wharf T&T bmail 2010 bmail End User Guide Version 1.0

Quick Start Policy Patrol Spam Filter 5

Knights Outlook Configuration

Architecture and Data Flow Overview. BlackBerry Enterprise Service Version: Quick Reference

Quick Start Policy Patrol Mail Security 10

Lepide Software. LepideAuditor for File Server [CONFIGURATION GUIDE] This guide informs How to configure settings for first time usage of the software

NSi Mobile Installation Guide. Version 6.2

How to move to your account with MAC Mail

Configuring Your Client: Outlook Express

Manual POLICY PATROL DISCLAIMERS

WEBROOT ARCHIVING SERVICE. Getting Started Guide North America. The best security in an unsecured world. TM

Configuring Security for SMTP Traffic

Open Thunderbird. To set up an account in Thunderbird, from the Tools menu select Account Settings; choose account; then click Next.

Jobs Guide Identity Manager February 10, 2012

Outlook 2010 Setup Guide (POP3)

8.7. NET SatisFAXtion Gateway Installation Guide. For NET SatisFAXtion 8.7. Contents

What browsers can I use to view my mail?

Configuring Your Client: Outlook Express. Quick Reference

Managing Identities and Admin Access

ECA IIS Instructions. January 2005

Vodafone Text Centre User Guide for Microsoft Outlook

Policy Based Encryption E. Administrator Guide

Policy Based Encryption E. Administrator Guide

How to Pop to Outlook

NovaBACKUP. Storage Server. NovaStor / May 2011

Transcription:

1 Email DLP Quick Start TRITON - Email Security is automatically configured to work with TRITON - Data Security. The Email Security module registers with the Data Security Management Server when you install it, and Data Security policies are enabled by default in TRITON - Email Security. Important You must click Deploy in TRITON - Data Security to complete the registration process. A quick-start email data loss prevention (DLP) policy is provided.you just need to configure it. To get started with your email DLP policy 1. Define user directories for Data Security users and other policy resources such as devices and networks. (See Configuring user directory server settings, page 2.) 2. Set up email properties for alerts (See.Setting up email properties, page 3.) 3. Select and enable the attributes to monitor in outgoing email messages for example message size or attachment type. Configure properties for those attributes. When the settings you configure are matched, the policy is triggered. (See Select the attributes to monitor for outbound and inbound email, page 4.) 4. Select and enable the attributes to monitor in inbound email messages for example questionable images. Configure properties for those attributes. Note If you want to monitor internal email messages, you must create a custom policy. On the Destination tab of the policy wizard, select Network or Endpoint Email, then select Direction > Internal. 5. Identify an owner or owners for the policy. See Defining policy owners, page 8 for instructions. Email DLP Quick Start 1

6. Identify trusted domains if any. See Identifying trusted domains, page 8 for more information. Note You cannot delete or rename your email policy, but you can enable or disable attributes. In this section, you define inbound and outbound email attributes. You define Internal DLP email through the custom policy wizard. 7. Deploy your settings. (See Deploying your settings, page 9.) Configuring user directory server settings To resolve user details during analysis and enhance the details displayed in reporting, you need to first configure user directory server settings. In the TRITON Console, you define the LDAP user directory to use when adding and authenticating TRITON administrators with network accounts. (Select TRITON Settings from the TRITON toolbar, then select User Directories.) On the Data Security tab, you define the user directory to use for Data Security users and other policy resources such as devices and networks. 1. Select Settings > General > System. 2. Click the User Directories option in the System pane. 3. Click New in the toolbar. 4. In the Add User Directory Server screen, complete the following fields: Name Type Connection Settings IP address or host name Port User distinguished name Password Enter a name for the user directory server. Select the type of directory from the pull-down menu: Active Directory, Domino, ADAM, or CSV file. Enter the IP address or host name of the user directory server. Enter the port number of the user directory server. Enter a user name that has access to the directory server. Enter the password for this user name. 2 Websense Data Security

Root naming context Use SSL encryption Follow referrals Test Connection Directory usage Get additional user attributes Attributes to retrieve Sample email address Test Attributes View Results Optionally, enter the root naming context that Websense Data Security should use to search for user information. If you supply a value, it must be a valid context in your domain. If the Root naming context field is left blank, Data Security begins searching at the top level of the directory service. Select this box if you want to connect to the directory server using Secure Sockets Layer (SSL) encryption. Select Follow referrals if you want Websense Data Security to follow server referrals should they exist. A server referral is when one server refers to another for programs or data. Click this button to test your connection to the userdirectory server. Select this box if you want to retrieve additional user attributes from the directory server. Enter the user attributes that you want TRITON - Data Security to collect for all users (comma separated). Enter a valid email address with which you can perform a test. Click Test Attributes to retrieve user information on the email address you supplied. Click View Results to check the user information that was imported. View Results retrieves and displays the data entered in the Sample email address field. 5. Click OK to save your changes. Note If you select CSV as the file type in the Add User Directory Server, you won t see the IP address, port, and SSL fields. You need to supply the full path for the CSV files, along with a user name and password. The Test Connection functionality is the same. There are no Directory usage fields associated with CSV files. Setting up email properties Set up the email properties, such as SMTP mail server, to be used for system alerts. 1. Select Settings > General > System. Email DLP Quick Start 3

2. Select the Alerts option in the System pane. 3. On the General tab select the conditions on which you want to trigger alerts. 4. On the Email Properties tab, complete the fields as follows: Sender name Sender email address When an alert is sent to administrators, from whom should it be coming? Enter the email address of the person from whom the alert is coming. 5. To define or edit the Outgoing mail server, click Edit (the pencil icon). Complete the fields as follows: IP address or host name Port Enter the IP address or host name of the outgoing SMTP mail server to use for scheduled alert notifications. Enter the port number of the mail server to use. 6. Complete the remaining fields as follows: Subject Recipients Enter a subject for alerts. Click the right-arrow to select a variable to include in the subject, such as %Severity%. Click Edit to select the recipients to whom alerts should be sent. 7. Click OK to save your changes. Note The same outgoing mail server is used for alerts, notifications, and scheduled tasks. The settings you use here apply to the other cases, and if you change the settings for one, it affects the others. Select the attributes to monitor for outbound and inbound email Configure the attributes that you want to monitor for outbound and inbound email messages. 1. In TRITON - Data Security, select Main > Policy Management > DLP Policies > Email DLP Policy. 4 Websense Data Security

2. On the Outbound tab, check one or more email attributes to include in the policy for outbound email messages. To define properties for an attribute, highlight it and enter information in the right pane. (Refer to the following table for a description of each attribute.) a. If you want to send notifications when there is a violation of a particular attribute setting, select the Send Notification check box. You can configure who receives the notifications by clicking the name of the notification, Email policy violation. Click this option to define the mail server, email subject, and message body, as well as other required properties. By default, for inbound messages, policy owners receive notifications. For outbound messages, both policy owners and message senders receive them. b. For each attribute, indicate how severe a breach would be (low, medium, or high severity), and what action should be taken if a breach is detected. The default severity levels and available actions are shown below for each attribute. Message size Regulatory & compliance Attachment name Select the size of email messages to monitor. For example, choose 25 MB if you want Data Security to analyze and enforce messages exceeding 25 MB, but you re not concerned about messages smaller than 25 MB, even if there is a match. The default size is 10 MB. Available actions: quarantine (default), permit. Select the regulatory and compliance rules you need to enforce. These are applied to the regions you selected with the regulatory & compliance option. Personally Identifiable Information (PII) Private Health Information (PHI) Payment Card Industry (PCI) If you have not selected regions, an error pops up. Click Select regions to fix this. Default severity: high. Available actions: quarantine (default), permit. One by one, enter the names of the exact files that should be monitored when they re attached to an email message. Include the filename and extension. Click Add after each entry. For example, add the file named confidential.docx. When that file is attached to an email message, Data Security detects it and either permits or blocks the message, or drops the attachment and sends the remaining message. Note that Drop Attachments applies only to the TRITON - Email Security module. If your email is being monitored by the protector or SMTP agent and you select this option, it will be quarantined when a policy is triggered. Available actions: quarantine, permit, drop attachments (default) Email DLP Quick Start 5

Attachment type Patterns & phrases Click Add to specify the types of files that should be monitored when attached to an email message, for example Microsoft Excel files. From the resulting dialog box, select the type or types of files to monitor. If there are more file types than can appear on the page, enter search criteria to find the file type you want. Data Security searches in the file type group, description, and file type for the data you enter. If the file type does not exist, specify exact files of this type using the Attachment name attribute instead. Available actions: quarantine, permit, drop attachments (default). Note: Drop Attachments applies only to the TRITON - Email Security module. If your email is being monitored by the protector or SMTP agent and you select this option, it will be quarantined when a policy is triggered. Click Add to define key phrases or regular expression (RegEx) patterns that should be monitored. RegEx patterns are used to identify alphanumeric strings of a certain format. On the resulting dialog box, enter the precise phrase (for example Internal Only ) or RegEx pattern (for example ~ m/h.?e/) to include. Select how many phrase matches must be made for the policy to trigger. The default number of matches is 1. Define whether to search for the phrase or RegEx pattern in all email fields, or in one or more specific fields. For example, you may want to search only in an attachment, or skip searching in To and CC fields. Default severity: medium. Available actions: quarantine (default), permit. Note: Although you do not define whether to search for only unique strings, the system will use the following defaults: Key phrase: non-unique - all matches will be reported. Regular expression: unique - only unique matches will be reported as triggered values. 6 Websense Data Security

Acceptable use Questionable images Number of attachments Number of destination domains Select the dictionaries that define unacceptable use in your organization. For example, if you want to prevent adult language from being exchanged by email, select Adult. Data Security includes dictionaries in 9 languages. Select the languages to enforce. Only terms in these languages are considered a match. For example, if you select the Adult dictionary and Hebrew, adult terms in English are not considered an incident. Note that false positives (unintended matches) are more likely to occur when you select multiple languages. For this reason, exercise caution when selecting the languages to enforce. You cannot add or delete terms from predefined dictionaries, but you can exclude them from detection if you are getting unintended matches. Select Main > Content Classifiers > Patterns & Phrases, select the dictionary to edit, then enter the phrases to exclude. By default the policy is triggered by a single match from the dictionary or dictionaries you select. Default severity: medium. Available actions: quarantine (default), permit. Select this attribute to prevent pornographic images from entering your organization. (This feature requires a special Data Security Image Analysis subscription). Pornographic images pose a legal liability to organizations in many countries. Data Security judges images based on the amount of flesh tone they contain. Available actions: quarantine, permit, drop attachments (default). Specify the number of attachments to detect. Email messages with this number of attachments (or more) trigger the policy. The default number of attachments is 20. Available actions: quarantine (default), permit This option is available for outbound messages only. Sometimes you may want to block messages sent to multiple destination domains, because this may indicate spam. Specify the number of destination domains to detect. Email messages sent to this number of domains (or more) trigger the policy. The default number of domains is 25. Also, select which email fields to monitor (To, Cc, Bcc). To and Cc are selected by default. Available actions: quarantine (default), permit. 3. Click the Inbound tab and repeat step 2 to define the attributes to include in the policy for inbound email messages. Note that number of destination domains does not apply to inbound messages. Email DLP Quick Start 7

Defining policy owners Policy owners can view and modify a policy and, if configured, receive notifications of breaches. Notifications must be enabled in one or more of the policy s attributes for notifications to be sent. To define an owner or owners for this email DLP policy: 1. Select the Policy Owners tab. 2. Click Edit. 3. Select one or more owners from the resulting box. 4. Click OK. If you would like notifications to be sent to policy owners: 1. Select Main > Policy Management > Resources. 2. Click Notifications in the Remediation section of the page. 3. Select an existing notification or click New to create a new one. 4. Under Recipients, select Additional email addresses. 5. Click the right arrow then select the variable, %Policy Owners%. 6. Click OK. Identifying trusted domains Trusted domains are, simply, those that you trust, such as the domain of a company you just acquired. Trusted domains do not need to be monitored, so they do not get analyzed by Data Security. Note Trusted domains apply to outbound email traffic only. If you have domains that you do not want enforced: 1. On the Outbound tab, select Enable trusted domains. 2. Click Edit. 3. Browse for the domain or domains you trust. 4. Click OK. 8 Websense Data Security

Deploying your settings The settings you configured in this chapter must be deployed to the Email Security module and other system components to begin monitoring your email. To deploy settings: 1. Click OK on the email DLP policy page. 2. Click Deploy in the TRITON - Data Security toolbar. Your email DLP policy is now functioning! Email DLP Quick Start 9

10 Websense Data Security

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information