Managing Networks

By default, My Organization includes networks, network groups, and hosts that are defined as being behind the internal interface of the DLP Gateway.

In large sites it is often more efficient to define exclusions to the internal interfaces than to define the internal environment piece by piece.

If you give names to specific networks or hosts to specify My Organization, then DLP considers any internal networks or hosts that you did not give a name as internal.

Note - The networks and hosts must already be defined in the Objects Tree of SmartConsoleClosed Check Point GUI application used to manage a Check Point environment - configure Security Policies, configure devices, monitor products and events, install updates, and so on..

To define specific networks and hosts:

  1. Connect with SmartConsole to the Management ServerClosed Check Point Single-Domain Security Management Server or a Multi-Domain Security Management Server..

  2. From the left navigation panel, click Manage & Settings.

  3. From the left tree, click Blades.

  4. In the Data Loss PreventionClosed Check Point Software Blade on a Security Gateway that detects and prevents the unauthorized transmission of confidential information outside the organization. Acronym: DLP. section, click Configure in SmartDashboard.

  5. In SmartConsole, open the Data Loss Prevention tab.

  6. Click My Organization.

  7. In the Networks section, select the option Select specific networks and host.

  8. Click Edit.

  9. In the Networks and Hosts window, select items from the list of defined networks and hosts and then click Add.

  10. Add as many items as needed to define My Organization.

  11. Click OK.

If the default option in My Organization is selected (Anything behind the internal interfaces of my gateways), you can define exclusions to internal Networks.

Data Loss Prevention recognizes as Outside My Org all networks, network groups, or hosts that you specify as an exclusion. To scan data sent from these networks, you must change the default Source of rules from My Org to the network object.

To exclude networks from My Organization:

  1. Connect with SmartConsole to the Management Server.

  2. From the left navigation panel, click Manage & Settings.

  3. From the left tree, click Blades.

  4. In the Data Loss Prevention section, click Configure in SmartDashboard.

  5. Click My Organization.

  6. In the Networks section, select Anything behind the internal interfaces of my DLP gateways and click Exclusions.

    The Networks and Hosts window opens.

  7. Select the listed items that you want to exclude from My Organization.

  8. Click Add.

  9. Click OK.