Overview
- This article will show you how to config Data Lost Prevention feature for Email Server available with Protect confidential information.
Diagram
- I prepared a email exchange server as the following diagram, use Email Gateway in Sophos Central to send email out to the internet.
- You can articles about config email exchange server in here.
Configuring
- To config Data Lost Prevention, log in Sophos Central by administrator account.
- Go to My Product > Email Gateway > Policies.
- To create policy click Add Policy, in Feature click Select an option from drop-down list and choose Data Lost Prevention and click Continue.
- Type name for Policy in a box next to Policy Name.
- In User section, assign user mailbox in Available Users table that you want to apply this rule and then click icon “>” users are assign will move to Assigned Users table.
- In Domain section, choose domain you want to apply rule.
- In Setting section, there will be two options to apply the rule: Inbound and Outbound.
- Inbound : The rule will scan email that you receive from the outside.
- Outbound : The rule will scan email that you send from inside.
- In here, i will Outbound and click Add rule to create rule.
- Get Started tab appear, you need to type name and description (if available) for the rule.
- In Choose rule type, i choose Protect confidential information and click Next.
- In Add Items tab, you can choose Use Sophos list in Choose the CI list type.
- In addition, you also can choose Use custom list to choose the confidential information that you want to block.
- In Search in, you can choose scan subject and body or subject, body and attachments.
- In here, i choose Use custom list and Subject, body and attachments.
- Click Next.
- In Choose action tab, it has action as the following.
- Quarantine : Scan the email, if it contains files with the specified files type, it will be delete. The email won’t be send.
- Encrypt : If the email contains files with the specified files type, it will be encrypt.
- Strip attachments : if the email contains files with the specified files type, it will add string on file.
- Redirect message : if the email contains files with the specified files type, it will redirect message to email that you specify.
- Delete: if the email contains files with the specified files type, it will delete.
- Log : if the email contains files with the specified files type, it will save the log.
- In here, i choose Quanrantine and turn on the rule.
- Click Save.
- In Policy Enforced section, you must ensure that the policy is enabled.
- Click Save.
- After that, i will login with the specified mailbox and send an email containing the confidential information file.
- Go to Email Gateway > Quarantined Messages on Sophos Central to check.
- You will see the reason why do you can’t the email.
- Click name of the email in Subject to see more details.
Leave a Reply