|
|
|
|
|
|
Field
|
Description
|
||
|---|---|---|---|
|
Agent Batch Encryption Settings
|
Agent Batch Encryption/Justification Timeout:
If a user copies multiple files and DLP blocks a file that requires
a justification before copying, DLP prompts for the justification.
To avoid having the user enter a justification for every file being
copied, DLP sets a timeout for the justification. Multiple files
can then be copied without interruption, until the timeout expires.
Also, if you set a policy
action to encrypt files copied to a USB device and require that
the user enter a justification and password to avoid the encryption action,
DLP prompts the user for the justification and password. Again,
the Agent Batch Encryption/Justification Timeout sets the timeout
so that the user does not need to provide a justification and password
for every file. When the timeout expires, DLP prompts the user again
for a justification and password.
Agent Batch Encryption Filename
Prefix: When a user copies multiple files to a USB device and DLP
encrypts the files, DLP adds the files to an existing encryption file.
DLP names the encryption file with the {filename prefix} + the {file
name} (with extension) + a variable {counter}.exe.
For example,
an encryption file name, “dlp_encrypted_sample.doc.23.exe” is assembled
as follows:
|
||
|
Local LDAP Cache
|
Local LDAP cache time to live (TTL) can
be up to one week.
|
||
|
Decompression Control Settings
|
DLP decompresses compressed archive files
before scanning them for sensitive data. Decompression control settings
set the file size limit for decompressed files, number of layers
for DLP to scan, and the number of decompressed files from an archive
file for DLP to scan.
|
||
|
Change Password
|
This is the password for forensic data encryption
and data discovery. The default password is 12345678. However, it
is recommended that you change this password. Passwords for forensic
data encryption can include letters, numbers, and some special characters, such
as # and @).
|
