we need to implement McAfee DLP somehow to meet all of our requirements.
what we need is to have Web filtering and application filtering with full functionalities.
besides, we have several network paths which need to be tagged as critical contents. only authorized users should have the ability to copy these files to removable media.
in additions, it is valuable to consider that weeks ago I congifured McAfee DLP and deploy its agents to more than 500 computers. but after that, we systems exposed to a weird situation and most of them showed cpu utiliziation by 100%.
Text Editor (TE) was the problematic process.
then I started to remove all agents from those computers.
can you please give me best idea to implement our best practice DLP configurations?
use device control on the systems to block USB,CD/DVD,wireless...etc, for the systems or users with minimum access and systems with less than 2 GB of memory.
when you use full content protection (contents and context) don't use alot of keywords and dictionaries for every policy be more specific and minimized, because the text extractor will eat alot of the CPU if the policy with alot of details, try to use registered docs if you have top secret docs.