User Guide

17-6

AsyncOS 9.1.2 for Cisco Email Security Appliances User Guide

Chapter 17 Data Loss Prevention

DLP Policies for RSA Email DLP

Related Topics

• DLP Policy Description, page 17-6

• Predefined DLP Policy Templates, page 17-6

• Setting Up RSA Email DLP Using a Wizard, page 17-7

• Creating a DLP Policy Using a Predefined Template, page 17-8

• Creating a Custom DLP Policy (Advanced), page 17-9

• About Defining Disallowed Content Using Content Matching Classifiers, page 17-10

• Filtering Messages for DLP Policies, page 17-20

• About Assessing Violation Severity, page 17-21

• Arranging the Order of the Email DLP Policies for Violation Matching, page 17-21

• Associating DLP Policies with Outgoing Mail Policies, page 17-22

• Important Information About Editing or Deleting DLP Policies, page 17-23

DLP Policy Description

A DLP policy includes:

• a set of conditions that determine whether an outgoing message contains sensitive data, and

• the actions to be taken when a message contains such data.

You specify how message content is evaluated, based on:

• Specific disallowed content or patterns of information. Depending on the policy, you may need to

create a regular expression to search for identification numbers. See About Defining Disallowed

Content Using Content Matching Classifiers, page 17-10.

• A list of specific senders and recipients for filtering messages. See Filtering by Senders and

Recipients, page 17-20.

• A list of attachment file types for filtering messages. See Filtering by Attachment Types,

page 17-20.

• Settings that allow different actions to occur based on the severity of the violation. See About

Assessing Violation Severity, page 17-21.

You determine the message senders and recipients that each policy applies to when you enable DLP

policies in Outgoing Mail Policies.

Predefined DLP Policy Templates

To simplify creation of DLP policies, your appliance includes a large collection of predefined policy

templates developed by RSA, Inc.

Template categories include: