Advisory: Support Portal Maintenance. Login is currently unavailable, more info available here.
just a noob question. I have tried to create a DLP rule content which supposed to detect if end users try send credit card information (in AU format) via email (Outlook, windows mail)
unfortunately, it does not do what it's suppose to do. any missing information I missed or should have included/excluded? pretty much followed all the information from knowledge base.
We have Sophos Central Admin 2013-2019
Thanks in advance
Hi Lena Abanes
Please refer to this document which will help you to create a policy in the Sophos Central.
If you haven't followed it or go through it, please go through this. Even after doing all the steps, you are not able to block it, please let us know.
Jasmin Community Support Engineer | Sophos Support Sophos Support Videos | Knowledge Base | @SophosSupport | Sign up for SMS Alerts | If a post solves your question use the 'This helped me' link
Hi, Thank you for this.
I am still having an issue related to DLP.
Creted Content Policy to detect Credit Card Info - WORKED
Added new DLP Content Policy to detect the word "TFN" - FAILED
Removed the policy created on Scenario 2.
Policy on Scenario 1 works again
After Scenario 2 was completed, both Policy fails to function.
After deleting 2nd DLP policy, 1st DLP policy went on effect again.
Question: How can we proceed creating a policy for different content rule? For Example,
1. DLP Policy 1 - Credit Card Info Content
2. DLP Policy 2 - Drivers License Content
Reason: We want to make sure, user receives an error message specific to content of the file being blocked.
Hope I provided a clear information. Thank you
Hello Lena Abanes,
not sure if it is incorrect use of terms or a misconception: both Policy - only one policy is in effect at a time. A policy can have several rules, the policy is "violated" if at least one rule matches (I use double quotes as the Action could be Allow and log and the transfer is perhaps not considered a real violation). In case several rules match the most restrictive wins (Block → Confirm → Allow).
an error message specific to contentAFAIK the desktop message (optionally) includes the matching rule's name, a specific custom message is not possible though.
Can't say why the single word did not match, could you show what exactly you created?
This seems to have resolved my concern. Thanks a lot!!