cancel
Showing results for 
Search instead for 
Did you mean: 
regancc
Level 7

HDLP 9.2 URL Exclusion

Jump to solution

Is it possible to whitelist or exclude a specific URL so HDLP doesn't flag traffic to it as an 'incident' and skew my metrics/reports?

We use a secure document storage provider and tons of traffic goes to a specific URL with legitimate business traffic to upload docs to it.

I don't want my DLP metrics to trigger an event when our users upload docs to that URL.

Any help you can provide is greatly appreciated!

Chip

0 Kudos
1 Solution

Accepted Solutions
vimalnavis
Level 13

Re: HDLP 9.2 URL Exclusion

Jump to solution

Assuming you are talking about Web Post Protection (WPP) rule, when you create a WPP rule, step 1 allows you to define a Web Destination.

Create a new Web Destination and add the URL/Web server you want to ignore and uncheck that URL/Domain. Leave the check box for Other web servers. Now the rule will be enforced to all web servers except the one that you left unchecked.

This option has always existed.

0 Kudos
5 Replies
keithdrone
Level 10

Re: HDLP 9.2 URL Exclusion

Jump to solution

I have not found an exclusion option for 9.2 or 9.3 for this feature.   I think I have a PER in for it, but I have about a dozen going all the way back to April for DLP which McAfee has never checked or reviewed - any of them.

So it may or may not be a feature in 9.3 patch 1, which was scheduled for this month some time.

0 Kudos
vimalnavis
Level 13

Re: HDLP 9.2 URL Exclusion

Jump to solution

Assuming you are talking about Web Post Protection (WPP) rule, when you create a WPP rule, step 1 allows you to define a Web Destination.

Create a new Web Destination and add the URL/Web server you want to ignore and uncheck that URL/Domain. Leave the check box for Other web servers. Now the rule will be enforced to all web servers except the one that you left unchecked.

This option has always existed.

0 Kudos
keithdrone
Level 10

Re: HDLP 9.2 URL Exclusion

Jump to solution

Score, I'll be giving that a try myself!  When we had demos and engineers here from McAfee, they told us that this was not an option, and I never found anything definitive in the documentation.   So if we wanted to use WPP for all web-servers and internet addresses, except for 1, we couldn't do that..   I'll give it a shot though, thanks!

Message was edited by: keithdrone on 10/25/13 7:37:52 AM CDT
0 Kudos
vimalnavis
Level 13

Re: HDLP 9.2 URL Exclusion

Jump to solution

You are Welcome.

0 Kudos
regancc
Level 7

Re: HDLP 9.2 URL Exclusion

Jump to solution

Thanks, at first it didn't appear this was working, but it seems to be so I marked this as 'Answered'...

Very much appreciate it.

0 Kudos