Repositories

Repositories are network locations used for document storage. DLP has two kinds of repository

Fingerprint
Whitelist

Fingerprint Repository

The fingerprint repository is used to store files from which the fingerprint Data Type is derived. A fingerprint repository is automatically created when you create the fingerprint Data Type. Files that exactly or partially match documents in the fingerprint repository are identified before they go outside of the organization.

Whitelist Repository

The Whitelist repository is a store of documents that are allowed to go outside of the organization. The Whitelist repository can be used to improve the accuracy of the DLP policy.

Note - For a file not to be included in the DLP match, it must exactly match a file in the whitelist repository.

Creating a Fingerprint Repository

In SmartConsole, select Security Policies > Shared Policies > DLP and click Open DLP Policy in SmartDashboard.
SmartDashboard opens and shows the DLP tab.
From the navigation tree, click Repositories.
Click New > Fingerprint.
The Data Type wizard opens with Fingerprint selected as the Data Type.
Enter a name for the Data Type.
Click Next.
In the Fingerprint window:
1. Click the Gateways arrow button to select gateways with the DLP blade enabled.
  By default, The DLP Blades object shows. This object represents all gateways that have the DLP blade enabled. Only gateways selected here scan the repository and enforce the fingerprint data type.
2. Define a network path to the repository
3. If the repository defined in the network path requires a username and password to access it, enter the relevant authentication credentials.
Click Test Connectivity.
This tests that DLP gateways defined in the gateways list (step 4a) can access the repository using the (optional) assigned authentication credentials.
Click the Match Similarity arrow.
This option matches similarity between the document in the repository and the document being examined by the DLP gateway. You can specify an exact match with a document in the repository, or a partial match based on:
- A percentage value or
- Number of matched text segments.
Click Next.
Select Configure additional Data Type Properties after clicking Finish if you want to configure more properties.
Click Finish.
The New data type wizard closes. The data type shows in the list of data types and also on the Repositories page.
Click Save and then close SmartDashboard.
From SmartConsole, Install Policy.

Creating a Whitelist Repository

In SmartConsole, select Security Policies > Shared Policies > DLP and click Open DLP Policy in SmartDashboard.
SmartDashboard opens and shows the DLP tab.
From the navigation tree, click Repositories
Click New > Whitelist Repository.
The Whitelist Repository window opens.

Enter a name and informative comments for the repository type.
In the Whitelist Repository section:
1. Click the Gateways arrow button to select gateways with the DLP blade enabled.
  By default, The DLP Blades object shows. This object represents all gateways that have the DLP blade enabled. Only gateways selected here scan the repository.
2. Define a Network Path to the repository.
3. If the repository defined in the network path requires a username and password to access it, enter the related authentication credentials. (Domain/Username).
Click Test Connectivity.
This tests that DLP gateways defined in the gateways list can access the repository using the (optional) assigned authentication credentials.
To ignore text segments that are in the whitelist and fingerprint repository, click Do not include a text segment in the fingerprint match if the segment is in both the fingerprint and whitelist repositories.
Click OK.
The Whitelist shows in the list of repositories.

To manually start a scan of the whitelist repository, click Start in the Scan now area on the summary pane.
Click Save and then close SmartDashboard.
From SmartConsole, Install Policy.