1 Reply Latest reply on Nov 29, 2011 8:19 AM by DMurali

    Excluding Intranet sites from monitoring and collection

    andrewdean

      Hi all, just wondering what is the correct method for excluding intranet sites from being monitored and events collected in a web protection rule. Also how not to collect peoples banking details would be good.

       

      I have EPO 4.5, DLP 9.

        • 1. Re: Excluding Intranet sites from monitoring and collection
          DMurali

          If all your intranet sites use FQDN (e.g. locasite.company.com), then you can looking into the following.

           

          1. Create a "Web Destination" definition, something like All destinations except Intranet, then add all your comany's root domain(s) to it

          2. After you finish adding the domains, simply uncheck all of them except for "Other Web Server"

           

          3. Now, create a Web Post Protection rule

               under step 1, choose "select from the list" and select the definition that you just created.

           

          continue with rest of the steps in the protection rule as they apply to your environment. You will have an option to select the "reaction" (monitor, block, store evidence, etc). under step 7. You need to select atleast one reaction, the one with least impact is monitor. Unless you select Store evidence, the data doesn't get stored.

           

          When you are done don't forget to enable to rule and apply to ePO Server.