Configuring user-combined events for data loss prevention

Use the User-Combined Events area of the Data Loss Prevention page for the Network IPS appliance to configure up to eight custom combinations of combined signatures from predefined and user-defined events.

About this task

Navigating in the Network IPS Local Management Interface: Secure Protection Settings > Security Modules > Data Loss Prevention

Navigating in the SiteProtector™ system: select the Data Loss Prevention policy

Procedure

  1. Click the Signatures tab.
  2. Select the Content Analysis Enabled check box.
  3. In the User-Combined Events area, click the Add icon.
  4. Enable the event and type a descriptive name in the Name field.
  5. Click the Add icon and assign a predefined or user-defined event. You can choose to Exclude signatures that match the event. Repeat this step to add more events.
  6. In the Protection Domain area, click the Add icon to assign the user-combined event to a specific protection domain. For more information about configuring protection domains, see Configuring protection domains.
  7. Click OK.