config dlp profile
Configure DLP profiles.
config dlp profile Description: Configure DLP profiles. edit <name> set comment {var-string} set dlp-log [enable|disable] set extended-log [enable|disable] set feature-set [flow|proxy] set full-archive-proto {option1}, {option2}, ... set nac-quar-log [enable|disable] set replacemsg-group {string} config rule Description: Set up DLP rules for this profile. edit <id> set name {string} set severity [info|low|...] set type [file|message] set proto {option1}, {option2}, ... set filter-by [sensor|mip|...] set file-size {integer} set sensitivity <name1>, <name2>, ... set match-percentage {integer} set file-type {integer} set sensor <name1>, <name2>, ... set label {string} set archive [disable|enable] set action [allow|log-only|...] set expiry {user} next end set summary-proto {option1}, {option2}, ... next end
config dlp profile
Parameter |
Description |
Type |
Size |
Default |
||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
comment |
Comment. |
var-string |
Maximum length: 255 |
|
||||||||||||||||||||||
dlp-log |
Enable/disable DLP logging. |
option |
- |
enable |
||||||||||||||||||||||
|
|
|||||||||||||||||||||||||
extended-log |
Enable/disable extended logging for data loss prevention. |
option |
- |
disable |
||||||||||||||||||||||
|
|
|||||||||||||||||||||||||
feature-set |
Flow/proxy feature set. |
option |
- |
flow |
||||||||||||||||||||||
|
|
|||||||||||||||||||||||||
full-archive-proto |
Protocols to always content archive. |
option |
- |
|
||||||||||||||||||||||
|
|
|||||||||||||||||||||||||
nac-quar-log |
Enable/disable NAC quarantine logging. |
option |
- |
disable |
||||||||||||||||||||||
|
|
|||||||||||||||||||||||||
name |
Name of the DLP profile. |
string |
Maximum length: 35 |
|
||||||||||||||||||||||
replacemsg-group |
Replacement message group used by this DLP profile. |
string |
Maximum length: 35 |
|
||||||||||||||||||||||
summary-proto |
Protocols to always log summary. |
option |
- |
|
||||||||||||||||||||||
|
|
config rule
Parameter |
Description |
Type |
Size |
Default |
||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
id |
ID. |
integer |
Minimum value: 0 Maximum value: 4294967295 |
0 |
||||||||||||||||||||||
name |
Filter name. |
string |
Maximum length: 35 |
|
||||||||||||||||||||||
severity |
Select the severity or threat level that matches this filter. |
option |
- |
medium |
||||||||||||||||||||||
|
|
|||||||||||||||||||||||||
type |
Select whether to check the content of messages (an email message) or files (downloaded files or email attachments). |
option |
- |
file |
||||||||||||||||||||||
|
|
|||||||||||||||||||||||||
proto |
Check messages or files over one or more of these protocols. |
option |
- |
|
||||||||||||||||||||||
|
|
|||||||||||||||||||||||||
filter-by |
Select the type of content to match. |
option |
- |
none |
||||||||||||||||||||||
|
|
|||||||||||||||||||||||||
file-size |
Match files greater than or equal to this size (KB). |
integer |
Minimum value: 0 Maximum value: 1644544 ** |
0 |
||||||||||||||||||||||
sensitivity |
Select a DLP file pattern sensitivity to match. Select a DLP sensitivity. |
string |
Maximum length: 35 |
|
||||||||||||||||||||||
match-percentage * |
Percentage of fingerprints in the fingerprint databases designated with the selected sensitivity to match. |
integer |
Minimum value: 1 Maximum value: 100 |
10 |
||||||||||||||||||||||
file-type |
Select the number of a DLP file pattern table to match. |
integer |
Minimum value: 0 Maximum value: 4294967295 |
0 |
||||||||||||||||||||||
sensor |
Select DLP sensors. Address name. |
string |
Maximum length: 35 |
|
||||||||||||||||||||||
label |
MIP label dictionary. |
string |
Maximum length: 35 |
|
||||||||||||||||||||||
archive |
Enable/disable DLP archiving. |
option |
- |
disable |
||||||||||||||||||||||
|
|
|||||||||||||||||||||||||
action |
Action to take with content that this DLP profile matches. |
option |
- |
allow |
||||||||||||||||||||||
|
|
|||||||||||||||||||||||||
expiry |
Quarantine duration in days, hours, minutes (format = dddhhmm). |
user |
Not Specified |
5m |
* This parameter may not exist in some models.
** Values may differ between models.