I am using Web Gateway Appliance 7.3.2
Today I faced this problem, I purchased certificate for exchange server from godaddy, after I added the required item , next step was to fill in the credit card information, holder name , expiry etc. After all this when I clicked for payment, I got McAfee page where risk was showing in 'Green' means no issues with site but page getting blocked by DLP, this is not acceptable as it was genuine case, similary there are other sitesVerisign I am afraid if anybody else also try to buy certificate will face similar problem, Please guide how to fix this.
Feedback file is attached here with....
File removed please open a service request as mentioned below. ModMessage was edited to remove file with private details on 2/08/13 6:40:02 PM
Is it possible you've activated a policy that by its very design blocks credit card numbers from being part of any POST or GET requests? I could see a well meaning PCI-audit driven shop doing just such a thing and causing this.
I'd assume it'd prevent an awful lot of ecommerce from being initiated from employee workstations.
Caveat: I did not open up your feedback as my own feedbacks depress me enough as is (and I personally would never post one for what it's worth--lots of info leakage to be had if not sanitized). :-)
Regis is right, you should not post a feedback to the community. I have contacted an moderator to remove the file.
The community exists to discuss and give ideas. This is not an official technical support resource, therefore most likely no-one will download the feedback, extract the policy and manually reviews what is configured. If this is what you are looking for you need to file a service request.
Sorry, this was in the Moderation queue yesterday and I simply restored it as there was no explanation as to why it was there. Thanks Tony.
.Message was edited by: Ex_Brit on 02/08/13 8:20:07 EDT AM
As Regis mentioned, you have a DLP rule that is blocking the post. You may want to whitelist certain sites for DLP, or evaluate what rules you have in place.
The "Green" GTI rating is irrelevant in this case, it was only listed on the block page because the lookup was performed and the block page was configured to display the result.
The site itself is not getting blocked, still there is a need to add it to 'Whitelist' ? OR you mean to say it should be under 'whitelist' from DLP point of view ?
I would whitelist it only for the DLP ruleset. That way all other rules are still applied, you simply get around the one that is is giving unwanted positive hits.