Getting Started with Check Point Data Loss Prevention for R82

The Check Point Data Loss Prevention Blade (DLP) is a powerful solution designed to prevent data leaks and protect sensitive information from unauthorized access and distribution.

DLP enables organizations to define and enforce policies that safeguard critical data across various communication channels, including email, web, and endpoints.

Part 1 - Preparation

  1. Install the Management Server.

  2. Install the Security Gateways / Cluster Members.

  3. Connect with SmartConsole to the Management Server.

  4. From the left navigation panel, click Gateways & Servers.

  5. Create the Security Gateway / Cluster object.

Part 2 - Gateway Configuration

  1. In the Security Gateway / Cluster object, in the left panel, click General Properties.

  2. From the Network Security tab, enable the Data Loss Prevention Software Blade.

  3. Follow the Data Loss Prevention Wizard to configure:

    1. Email Domain

    2. My Organization Name

    3. DLP Portal and Mail Server

    4. Protocols

  4. In the left panel, click Data Loss Prevention and configure the applicable settings:

    1. URL and Alias for the DLP Portal

    2. Certificate for the DLP Portal

    3. (Optional) UserCheck Client support

    4. Accessibility of the DLP Portal

  5. Click OK.

Part 3 - Configuration in the Legacy SmartDashboard

  1. In the SmartConsole left navigation panel, click Manage & Settings.

  2. In the top section, click Blades.

  3. In the middle section, in the Data Loss Prevention section, click Configure in SmartDashboard.

  4. The Legacy SmartDashboard opens on the Data Loss Prevention tab.

  5. In the left panel, click My Organization and configure the applicable settings:

    1. Email Addresses and Domains

    2. Networks

    3. Users

    4. VPN

    5. My Organization Name

  6. In the left panel, click Data Types and configure the applicable Data Type objects.

  7. In the left panel, click Repositories and configure the applicable Repositories.

  8. (Optional) In the left panel, click UserCheck and configure the applicable Action Type objects.

  9. In the left panel, expand Additional Settings and configure the applicable settings:

    1. Protocols

    2. Mail Server

    3. Email Addresses and Domains

    4. Watermarks

    5. Advanced

  10. In the left panel, click Policy and configure the applicable rules.

  11. (Optional) In the left panel, click Whitelist Policy and configure the applicable rules.

  12. From the top toolbar, click Launch Menu > File > Update.

  13. From the top toolbar, click Launch Menu > File > Exit.

Part 4 - Install Access Control Policy

  1. In SmartConsole, click Install Policy.

  2. Select Access Control.

  3. Select the applicable Security Gateway / Cluster object.

  4. Click Install.

Part 5 - (Optional) Deploy the UserCheck Client

  1. Install the UserCheck Client on the applicable Endpoint computers.

  2. Configure the UserCheck Clients to connect to the applicable Security Gateway / Cluster.

See UserCheck.