Print Download PDF Send Feedback

Previous

Next

Fine Tuning

In This Section:

Customized Deployment

Setting Rules to Prevent

Multi-Realm Authentication Support

Defining Data Types

Adding Data Types to Rules

Repositories

Whitelist Policy

Defining Email Addresses

Configuring the DLP Watermark

Fine Tuning Source and Destination

Defining Protocols of DLP Rules

Customized Deployment

Check Point DLP provides the MultiSpect set of features. These features provide the flexibility you need to monitor and ensure accuracy of your DLP deployment. For example, if you find incidents that called for actions but should have passed without delay, you can change the Data Types and/or the rules to ensure that this does not occur again. In this way you fine-tune DLP over a relatively short amount of time to create a trustworthy implementation.

You can also include User Decisions to fine-tune Data Types and rules. How useful this information is depends on how well you communicate with users. Make sure they know that their input can influence the DLP - if they want a type of data to be sent without delay, and can explain why, you will use their logged decisions to change the rules.

MultiSpect includes:

In this stage, you may decide to set some rules to Prevent. When DLP captures a Prevent incident, the data transmission is stopped completely; the user has no option to continue the send. (Best Practice - include notification to data owner and to user in such rules.)

Setting Rules to Prevent

To set a rule to Prevent:

  1. In SmartConsole, select Security Policies > Shared Policies > DLP and click Open DLP Policy in SmartDashboard.

    SmartDashboard opens and shows the DLP tab.

  2. From the navigation tree, click Policy.
  3. In the Action column of the rule to change, right-click and select Prevent.
  4. Click Save and then close SmartDashboard.
  5. From SmartConsole, Install Policy.