Configuring user-defined events for data loss prevention

Use the User-Defined Events area of the Data Loss Prevention page for the Network IPS appliance to configure up to eight custom signatures that meet the specific needs of your network. For example, you can create a signature to recognize the format that you use for account numbers or policy numbers.

About this task

Navigating in the Network IPS Local Management Interface: Secure Protection Settings > Security Modules > Data Loss Prevention

Navigating in the SiteProtector™ system: select the Data Loss Prevention policy

Procedure

  1. Click the Signatures tab.
  2. Select the Content Analysis Enabled check box.
  3. In the User-Defined Events area, click the Add icon.
  4. Enable the event and type a descriptive name for the event in the Name field.
  5. Type an appropriate regular expression in the Expression field.
  6. Set the Minimum Match (the minimum number of matches that are required to cause an event).
  7. Assign a protection domain by clicking the Add icon. For more information about configuring protection domains, see Configuring protection domains.
  8. Click OK.