User Guide
17-14
AsyncOS 9.1.2 for Cisco Email Security Appliances User Guide
Chapter 17 Data Loss Prevention
DLP Policies for RSA Email DLP
Examples:
2009 Cisco net sales, net income, depreciation (Match)
FORM 10-Q 2009 I.R.S. Employer Identification No. (Match)
Creating a Content Matching Classifier for Custom DLP Policies
Custom classifiers that you create are added to the list of classifiers that you can use when creating
custom DLP policies.
What To Do Next
Use your custom content classifier in a custom DLP Policy. See Creating a Custom DLP Policy
(Advanced), page 17-9.
Step Do This Information
Step 1
Understand how content matching classifiers are
used to identify potential DLP violations.
See:
• About Defining Disallowed Content
Using Content Matching
Classifiers, page 17-10
• Content Matching Classifier
Examples, page 17-12
Step 2
Select Mail Policies > DLP Policy Customizations
and click Add Custom Classifier.
Enter a classifier name and description.
—
Step 3
Enter a proximity and a minimum total score. See Determiners of the Risk Factor of a
Suspected Violation, page 17-18
Step 4
Choose one of the following detection rule types and
define the associated content matching criteria:
• words or phrases
• text from a dictionary
• a regular expression, or
• an existing data loss prevention entity
See:
• Classifier Detection Rules for
Identifying Sensitive Content
(Custom DLP Policies Only),
page 17-15
• Using Custom Dictionaries of
Sensitive DLP Terms (Custom DLP
Policies Only), page 17-17
• Regular Expressions for Identifying
Identification Numbers, page 17-15
For information about Weight and Max
Score, see Determiners of the Risk
Factor of a Suspected Violation,
page 17-18.
Step 5
(Optional) Add additional rules by clicking Add
Rule.
Step 6
If you include multiple rules, specify whether All or
Any rules must match.
This setting is at the top of the Rules
section.
Step 7
Submit and commit your changes. —