Note:
Data Loss Prevention processes rules and templates by
priority. If a rule is set to "Pass", Data Loss Prevention processes the
next rule in the list. If a rule is set to "Block" or "User
Justification", Data Loss Prevention blocks or accepts the user action
and does not process that rule/template further.
-
Select Enable this rule.
-
Specify a name for the rule.
Configure the template settings:
-
Click the Template tab.
-
Select templates from the Available
templates list and then click Add.
When selecting templates:
Note:
Each rule can contain a maximum of 200
templates.
Configure the channel settings:
-
Click the Channel tab.
-
Select the channels for the rule.
For details about channels, see Network Channels and System and Application Channels.
-
If you selected any of the network channels,
select the transmission scope:
See Transmission Scope and Targets for Network Channels for details on transmission scope, how targets work depending on the transmission
scope, and how to define targets correctly.
-
If you selected Email
clients:
-
Click Exceptions.
-
Specify monitored and non-monitored internal
email domains.
For details on monitored and non-monitored email domains, see Email Clients.
-
If you selected Removable
storage:
-
Click
Exceptions.
-
Add non-monitored removable storage devices,
identifying them by their vendors. The device model and serial ID are
optional.
The approved list for USB devices supports
the use of the asterisk (*) wildcard. Replace any field with the
asterisk (*) to include all devices that satisfy the other fields.
For example, [vendor]-[model]-* places all
USB devices from the specified vendor and the specified model type,
regardless of serial ID, to the approved list.
-
To add more devices, click the plus
(+) icon.
Configure the action settings:
-
Click the Action tab.
-
Select a primary action and any additional actions. For details
about actions, see Data Loss Prevention Actions.
-
After configuring the Template,
Channel, and Action settings,
click Save.
