DLP Selective Configuration
You can configure the Data Loss Prevention (DLP) rules on specific Enforcing Gateways using various data transmission protocols.

For any rule in the policy, you can select to configure it on specific Enforcing Gateways.
To configure a rule on specific Enforcing DLP Gateways:
- Connect with SmartConsole to the Management Server.
- From the left navigation panel, click Manage & Settings.
- From the left tree, click Blades.
- In the Data Loss Prevention section, click Configure in SmartDashboard.
- In the rule you want, click the plus in the Install On column.
  Defined DLP Gateways appear in a menu.
- Select the Gateways on which you want to configure this rule.
- Install policy on the DLP Gateway.

Check Point Data Loss Prevention supports various data transmission protocols.
It is recommended that you enable protocols as needed in your configuration. Start with only SMTP. Observe the logs on detected emails and user responses for handling them. Later, add FTP to the policy. For emails and large uploads, users do not expect instant responses. They can handle incidents in the Gaia Portal or UserCheck client for emails and uploads without disturbing their work, especially if your users know what to expect and how to handle the incidents.
HTTP, which includes posts to web sites, comments on media sites, blogging, and web mail, is another matter. Users do expect that when they press Enter, their words are sent and received instantly. If an employee uses HTTP for mission-critical work, having to decide each time whether a sentence is OK to send is going to be extremely disruptive. Therefore, it is recommended that you enable HTTP only after you have run analysis on usage and incidents.
You can also enable inspection for Exchange Security Agent emails (see Configuring the Exchange Security Agent) and the HTTPS protocol.
To select protocol configuration for all gateways:
- Connect with SmartConsole to the Management Server.
- From the left navigation panel, click Manage & Settings.
- From the left tree, click Blades.
- In the Data Loss Prevention section, click Configure in SmartDashboard.
- Expand Additional Settings and click Protocols.
- Clear the checkbox of any of the protocols that you do not want to inspect.

Important - If you clear all of the protocol checkboxes, Data Loss Prevention has no effect.

To select protocol configuration per gateway:
- From the left navigation panel, click Gateways & Servers.
- Double-click the Security Gateway object.
- In General Properties > Software Blades > Network Security, make sure Data Loss Prevention is selected.
- From the left tree, click Data Loss Prevention.
- In the Protocols area, select one of these:
  - Apply the DLP policy on the default protocols - as selected in the Data Loss Prevention tab, according to the previous procedure.
  - Apply the DLP policy to these protocols only - select the protocols that you want this gateway to check for the Data Loss Prevention policy.
- Click OK.
- Install the Access Control Policy.