This is in regard to McAfee DLP v11.3 and Boldon James classification.
I came across the difficulties to configure Content-based Classifications in McAfee DLP with Third-Party Tag option (Classifications Criteria > File Conditions > Third Party Tag ).
I have configured tag with a different options but it doesn't work well with any protection rules.
I have used Document Properties for all Office Applications and that works well with Office apps. But if we have classification with Third-Party tag then it would be easy to manage the non-office applications.
The tag in Boldon James was XXX - Confidential & XXX - Internal, so to assign this tag in Office (Word or Excel) need to select XXX under classification and then select Confidential or Internal which will mark Office document XXX - Confidential.
For Non Office application, need to select tag by Righ click option and apply.
Configuration for content classification in McAfee DLP for Third-Party tag is in attachment but it's not picking that tag and protection doesn't work.
Can anyone please guide me on how I can make this working. I am also checking with Boldon James support to get the value to put in Third Party tag config and awaiting a response.
Please see below information related to the supported document types for third party integration.
The following table lists the supported file types and the technology applied.
Document type True file type Method
Microsoft Word DOC, DOCX, DOCM, DOT, DOTX, DOTM document property
Microsoft PowerPoint PPT, PPTX, PPS, PPSX, PPSM, PPTM, POT, POTM, POTX
Microsoft Excel XLS, XLSX, XLSM, XLSB, XLT, XLTX, XLTM
XPS document XPS
Portable Document Format PDF XMP property
Audio and video formats AIF, AIFF, AVI, MOV, MP2, MP3, MP4, MPA, MPG, MPEG, SWF,
WAV, WMA, WMV
The following table lists the internal properties.
Classification Property name
Manual file classification DLPManualFileClassification
File classification last modified by DLPManualFileClassificationLastModifiedBy
File classification last modification date DLPManualFileClassificationLastModificationDate
File classification version DLPManualFileClassificationVersion
Endpoint discovery automatic classification DLPAutomaticFileClassification
Endpoint discovery automatic classification version DLPAutomaticFileClassificationVersion
Graphic and image formats PNG, JPG, JPEG, TIF, TIFF, DNG, WMF, PSD
Also, I have attached the product guide for DLP 11.3. See page 91 for Third Party tag use case.
I have tried third party tag as mentioned in DLP guide (page 91) that you have shared but somehow DLP agent not detecting it.
Maybe I am doing something wrong in it, it would be great if you can please guide me on this,
Boldon James Tag name - XXX
Content in Boldon James tag (to identify specific word) - Confidential
I have tried the attached config in DLP classification but no luck..
Would like to know if there is a resolution to this, as we are seeing the exact same behavior as OP.
Is there any fix that hasn't been posted yet that we should be aware of to resolve? This is a feature breaking item for our Data Security requirements to prevent HC tagged data from being sent via email to external email recipients.
I have figured it out with Document custom Properties and used a value (kind of hash value configured in BoldonJames) that BoldonJames is using. It did work well for some time and last week the customer has informed that they are seeing no classification value in Incident Manager for new incidents.
I might have session with the customer this week and will be able to confirm the issue or the solution.
Also I can definitely confirm that Custom Document Properties in Classification works well.
Apologies, I forgot to mention about the Email, I did configure third party tag option and took value from BoldonJames console and it started triggering tag and protection rule to email.
I will post more updates once have a call with my customer.