Data Loss Prevention Wizard

DLP Blade Wizard Options

  • Email Domain in My Organization - Provide the domain of the organization, to allow the DLP Gateway to distinguish between internal and external email addresses.

  • Connect to Active Directory - Enable the DLP Gateway to access the Active Directory server, to automatically populate the users and user groups that make up the definition of My Organization, and to validate users. You can do this now or later. For instructions on how to do this, see Configuring Active Directory and LDAP for DLP.

  • Activate DLP Gaia Portal for Self Incident Handling - Select to activate the portal.

    The default URL is: https://<IP Address of DLP Gateway>/dlp.

  • Mail Relay - Select a mail server from the list of existing network objects, or click New and define a new mail server (SMTP). If the mail server needs the DLP Gateway to authenticate itself, click the Authentication drop-down and provide the credentials of the mail server.

    If the Mail Server is a Microsoft Exchange server, set the Exchange server to be an SMTP Relay for this newly created DLP Gateway.

  • My Organization Name - Enter different names and phrases used to identify your organization. These names are used by the DLP feature to accurately detect incidents of data loss.

  • Protocols - Select protocols to which the DLP policy applies.

Completing the Wizard

After you complete the wizard for a DLP Gateway of any platform, enable the Software Blade and install policy.

  1. Make sure that the Data Loss Prevention Software Blade is enabled.

  2. Review the topology of the DLP Gateway.

    DLP by default scans traffic from internal networks to external networks, so you must properly define the DLP Gateway interfaces as internal or external. You can do this when you define My Organization in the Data Loss Prevention tab of SmartConsole.

  3. Install policy on the DLP Gateway only:

    1. In SmartConsole, install the policy.

    2. In the Install Policy window, select the DLP Gateways.

    Note - On a dedicated DLP Gateway, only the DLP Policy is installed. This is not a security policy. Make sure you have another Security Gateway in the environment to enforce the Security Policy.