150 lines
3.9 KiB
INI
150 lines
3.9 KiB
INI
config dlp filepattern
|
|
edit 1
|
|
set name "builtin-patterns"
|
|
config entries
|
|
edit "*.bat"
|
|
next
|
|
edit "*.com"
|
|
next
|
|
edit "*.dll"
|
|
next
|
|
edit "*.doc"
|
|
next
|
|
edit "*.exe"
|
|
next
|
|
edit "*.gz"
|
|
next
|
|
edit "*.hta"
|
|
next
|
|
edit "*.ppt"
|
|
next
|
|
edit "*.rar"
|
|
next
|
|
edit "*.scr"
|
|
next
|
|
edit "*.tar"
|
|
next
|
|
edit "*.tgz"
|
|
next
|
|
edit "*.vb?"
|
|
next
|
|
edit "*.wps"
|
|
next
|
|
edit "*.xl?"
|
|
next
|
|
edit "*.zip"
|
|
next
|
|
edit "*.pif"
|
|
next
|
|
edit "*.cpl"
|
|
next
|
|
end
|
|
next
|
|
edit 2
|
|
set name "all_executables"
|
|
config entries
|
|
edit "bat"
|
|
set filter-type type
|
|
set file-type bat
|
|
next
|
|
edit "exe"
|
|
set filter-type type
|
|
set file-type exe
|
|
next
|
|
edit "elf"
|
|
set filter-type type
|
|
set file-type elf
|
|
next
|
|
edit "hta"
|
|
set filter-type type
|
|
set file-type hta
|
|
next
|
|
end
|
|
next
|
|
end
|
|
config dlp sensitivity
|
|
edit "Private"
|
|
next
|
|
edit "Critical"
|
|
next
|
|
edit "Warning"
|
|
next
|
|
end
|
|
config dlp sensor
|
|
edit "g-default"
|
|
set comment "Default sensor."
|
|
next
|
|
edit "g-sniffer-profile"
|
|
set comment "Log a summary of email and web traffic."
|
|
set summary-proto smtp pop3 imap http-get http-post
|
|
next
|
|
edit "Content_Archive"
|
|
set feature-set proxy
|
|
set full-archive-proto smtp pop3 imap http-get http-post ftp nntp mapi
|
|
set summary-proto smtp pop3 imap http-get http-post ftp nntp mapi
|
|
next
|
|
edit "Content_Summary"
|
|
set feature-set proxy
|
|
set summary-proto smtp pop3 imap http-get http-post ftp nntp mapi
|
|
next
|
|
edit "Credit-Card"
|
|
set feature-set proxy
|
|
config filter
|
|
edit 1
|
|
set name "Credit-Card-Filter"
|
|
set severity high
|
|
set proto smtp pop3 imap http-get http-post mapi
|
|
set action log-only
|
|
next
|
|
edit 2
|
|
set name "Credit-Card-Filter"
|
|
set severity high
|
|
set type message
|
|
set proto smtp pop3 imap http-post mapi
|
|
set action log-only
|
|
next
|
|
end
|
|
next
|
|
edit "Large-File"
|
|
set feature-set proxy
|
|
config filter
|
|
edit 1
|
|
set name "Large-File-Filter"
|
|
set proto smtp pop3 imap http-get http-post mapi
|
|
set filter-by file-size
|
|
set file-size 5120
|
|
set action log-only
|
|
next
|
|
end
|
|
next
|
|
edit "SSN-Sensor"
|
|
set comment "Match SSN numbers but NOT WebEx invite emails."
|
|
set feature-set proxy
|
|
config filter
|
|
edit 1
|
|
set name "SSN-Sensor-Filter"
|
|
set severity high
|
|
set type message
|
|
set proto smtp pop3 imap mapi
|
|
set filter-by regexp
|
|
set regexp "WebEx"
|
|
next
|
|
edit 2
|
|
set name "SSN-Sensor-Filter"
|
|
set severity high
|
|
set type message
|
|
set proto smtp pop3 imap mapi
|
|
set filter-by ssn
|
|
set action log-only
|
|
next
|
|
edit 3
|
|
set name "SSN-Sensor-Filter"
|
|
set severity high
|
|
set proto smtp pop3 imap http-get http-post ftp mapi
|
|
set filter-by ssn
|
|
set action log-only
|
|
next
|
|
end
|
|
next
|
|
end
|