Hi all, just wondering what is the correct method for excluding intranet sites from being monitored and events collected in a web protection rule. Also how not to collect peoples banking details would be good.
I have EPO 4.5, DLP 9.
If all your intranet sites use FQDN (e.g. locasite.company.com), then you can looking into the following.
1. Create a "Web Destination" definition, something like All destinations except Intranet, then add all your comany's root domain(s) to it
2. After you finish adding the domains, simply uncheck all of them except for "Other Web Server"
3. Now, create a Web Post Protection rule
under step 1, choose "select from the list" and select the definition that you just created.
continue with rest of the steps in the protection rule as they apply to your environment. You will have an option to select the "reaction" (monitor, block, store evidence, etc). under step 7. You need to select atleast one reaction, the one with least impact is monitor. Unless you select Store evidence, the data doesn't get stored.
When you are done don't forget to enable to rule and apply to ePO Server.