Repositories

Repositories are network locations used for document storage.

DLP has two kinds of repository:

  • The fingerprint repository is used to store files from which the fingerprint Data TypeClosed Classification of data in a Check Point Security Policy for the Content Awareness Software Blade. is derived. A fingerprint repository is automatically created when you create the fingerprint Data Type. Files that exactly or partially match documents in the fingerprint repository are identified before they go outside of the organization.

    Creating a Fingerprint Repository:

    1. In SmartConsoleClosed Check Point GUI application used to manage a Check Point environment - configure Security Policies, configure devices, monitor products and events, install updates, and so on., select Security Policies > Shared Policies > DLP and click Open DLP Policy in SmartDashboard.

      SmartDashboardClosed Legacy Check Point GUI client used to create and manage the security settings in versions R77.30 and lower. In versions R80.X and higher is still used to configure specific legacy settings. opens and shows the DLP tab.

    2. From the navigation tree, click Repositories.

    3. Click New > Fingerprint.

      The Data Type wizard opens with Fingerprint selected as the Data Type.

    4. Enter a name for the Data Type.

    5. Click Next.

    6. In the Fingerprint window:

      1. Click the Gateways arrow button to select gateways with the DLP blade enabled.

        By default, The DLP Blades object shows. This object represents all gateways that have the DLP blade enabled. Only gateways selected here scan the repository and enforce the fingerprint data type.

      2. Define a network path to the repository.

      3. If the repository defined in the network path requires a username and password to access it, enter the relevant authentication credentials.

    7. Click Test Connectivity.

      This tests that DLP gateways defined in the gateways list (step 4a) can access the repository using the (optional) assigned authentication credentials.

    8. Click the Match Similarity arrow.

      This option matches similarity between the document in the repository and the document being examined by the DLP Gateway. You can specify an exact match with a document in the repository, or a partial match based on:

      • A percentage value or

      • Number of matched text segments.

    9. Click Next.

    10. (Optional) To configure more properties, select Configure additional Data Type Properties after clicking Finish .

    11. Click Finish.

      The New data type wizard closes. The data type shows in the list of data types and also on the Repositories page.

    12. Click Save and then close SmartDashboard.

    13. In SmartConsole, install policy.

  • The Whitelist repository is a store of documents that are allowed to go outside of the organization. The Whitelist repository can be used to improve the accuracy of the DLP policy.

    Note - For a file not to be included in the DLP match, it must exactly match a file in the whitelist repository.

    Creating a Whitelist Repository:

    1. In SmartConsole, select Security Policies > Shared Policies > DLP and click Open DLP Policy in SmartDashboard.

      SmartDashboard opens and shows the DLP tab.

    2. From the navigation tree, click Repositories

    3. Click New > Whitelist Repository.

      The Whitelist Repository window opens.

      Enter a name and informative comments for the repository type.

    4. In the Whitelist Repository section:

      1. Click the Gateways arrow button to select gateways with the DLP blade enabled.

        By default, The DLP Blades object shows. This object represents all gateways that have the DLP blade enabled. Only gateways selected here scan the repository.

      2. Define a Network Path to the repository.

      3. If the repository defined in the network path requires a username and password to access it, enter the related authentication credentials. (Domain/Username).

    5. Click Test Connectivity.

      This tests that DLP gateways defined in the gateways list can access the repository using the (optional) assigned authentication credentials.

    6. To ignore text segments that are in the whitelist and fingerprint repository, click Do not include a text segment in the fingerprint match if the segment is in both the fingerprint and whitelist repositories.

    7. Click OK.

      The Whitelist shows in the list of repositories.

      To manually start a scan of the whitelist repository, click Start in the Scan now area on the summary pane.

    8. Click Save and then close SmartDashboard.

    9. In SmartConsole, install policy.