Configuring a Policy

You can configure policies to reduce security and productivity threats to your messaging system.

A policy requires the following configuration:

General settings: Specifies the policy name and the hosts to apply the policy
Policy rule selection:
- One threat protection rule
- (Optional) One or more content filtering, data loss prevention (DLP), or antispam rules

Note:

Before configuring a policy, make sure that you have created the required policy components (internal domains, notifications, and policy rules).
You can specify trusted senders/recipients or objects for policy exceptions.

For more information, see Policy Exceptions.

Configure the required policy components:
- Notifications
- Policy Rules
Go to Policies > Policy Management.
The Policy List screen appears.
Do one of the following:
- Click Add to create a new policy.
- Click a policy name to edit the settings.
Select Enabled to activate the policy.
Type a policy name.
Type a number to indicate the priority in which Deep Discovery Email Inspector performs the scan. Deep Discovery Email Inspector applies the policy rules to messages according to the order you specify.
Type a description for the policy.
Select the message direction to apply the policy.

Specify the senders and recipients. Select All to apply the policy rules to all senders or recipients; otherwise, select Specify senders or Specify recipients and complete the following steps to configure the address list.

Note:

If the domain of a sender is in the Internal Domains list, Deep Discovery Email Inspector does not apply the inbound policy on messages from the sender.

Select a type.

Type the required information.

Table 1.
Type	Description
Email address	Type a valid email address. For example, test@test.com.
Active Directory user or group	Type a user or group name and press [Enter] to search the Active Directory for matching user accounts or groups.
Address group	Type an address group name and press [Enter] to search for matching address groups. You can configure address groups to apply the same policies to multiple email addresses. For more information, see Adding an Address Group.

If required, select an address group or an Active Directory user or group from the search results.
Click Add.

(Optional) Select an option from the Archive Server drop-down list to archive a copy of the messages that match the policy. The default option (None) disables message archiving.
Note:
- If a message matches multiple policies with different archive server settings, Deep Discovery Email Inspector sends a copy of the message to each archive server.
- If a message matches multiple policies with the same archive server setting, Deep Discovery Email Inspector only sends a copy of the message to the archive server.
For more information, see Archive Servers.
Specify the threat protection rule.
1. Click the Threat Protection tab.
2. Select an option from the Rule drop-down list.
3. Click Add.
  Note:
  - To view the rule settings, click View.
  - For more information about configuring threat protection rules, see Threat Protection Rules.
(Optional) Specify one or more content filtering rules.
1. Click the Content Filtering tab.
2. Select an option from the Rule drop-down list.
3. Click Add.
  Note:
  - To view the rule settings, click View.
  - For more information about configuring content filtering rules, see Content Filtering Rules.
(Optional) Specify one or more data loss prevention (DLP) rules.
1. Click the DLP tab.
2. Select an option from the Rule drop-down list.
3. Click Add.
  Note:
  - To view the rule settings, click View.
  - For more information about configuring DLP rules, see Data Loss Prevention (DLP) Rules.
(Optional) Specify one or more antispam rules.
1. Click the Antispam tab.
2. Select an option from the Rule drop-down list.
3. Click Add.
  Note:
  - To view the rule settings, click View.
  - For more information about configuring antispam rules, see Antispam Rules.
Click Save.