Enabling ITM / Endpoint DLP Prevention Rules

This topic is for ITM / Endpoint DLP rules only.

Enabling Prevention Rules

Prevention rules are enabled at the Realm level. You turn on/off Prevention Enabled in the Advanced Settings of the Agent Realm. (Advanced SettingsProcessingPrevention Enabled)

When enabled the following options are available:

  • Print Prevention: Prevent printing of files. (See Print Detection and Prevention.)

  • Enable Prevention from Unsupported Program: Prevent users from exfiltrating sensitive data using an application that the Agent does not support print monitoring activity. (See Print from an Unsupported Program.)

    • Action to apply on prints from unsupported program: Select Allow or Block of unsupported programs/

  • Resume web upload operation automatically: When Resume Web Upload is turned on, Web Upload action is resumed after file processing, without end user interaction or with only minimal end user interaction. (See Resume Web Upload.)

  • Upload Prevention for Mac: Web File Upload is supported as an exit point for Mac Agents. Web Upload action is resumed after file processing, without end user interaction or with only minimal end user interaction.

  • Action to apply if file size exceeds threshold: This setting controls the action to apply if the file size exceeds the Content Scanning File Size threshold. (Block, Prompt or From Prevention Rule)

  • Actions to apply for any other failure: This setting controls how the Agent behaves for any other failure related to content scanning. (Block, Prompt or From Prevention Rule)

  • Action to apply on encrypted file: This setting controls how the Agent behaves when scanning an encrypted file. (Block, Prompt or From Prevention Rule)

    • Options are:

      • Block: Content is blocked and the selected user notification displays.

      • Prompt The user is prompted to provide a justification based on the selected end user notification. Justifications can be used with prevention rules to offer the user the option of continuing a prevented action by selecting a response. When a justification is selected, the action is allowed.

      • From Prevention Rule: The action and end user notification defined at the rule level is applied.

Related Topics:

ITM / Endpoint DLP Prevention Rules

ITM / Endpoint DLP Exit Points