5 Replies Latest reply: Jun 25, 2013 2:31 AM by usman09 RSS

    How to block tagged files being transfered to Dropbox?

    ruckelj

      What is the best way to block files tagged in DLP from being transferred through Dropbox? I tried using a Network Communication Protection rule and defined the application Dropbox which did work. However, when a tagged file was copied to Dropbox a event was triggered every couple of seconds when it tried to sync until the file was deleted from Dropbox. Is there a way to block it from being put in the C:\Users\user\Dropbox folder?

       

      We are using DLP 9.1

       

      Message was edited by: ruckelj on 1/20/12 9:03:17 AM CST
        • 1. Re: How to block tagged files being transfered to Dropbox?
          cnorris

          Hi ruckelj,

           

          Due to the way Dropbox works the NCPR is the best way to block tagged file being uploaded to DropBox and there's no rule available to block local file transfers. Do you see multiple events in the DLP Monitor?

           

          Chris Norris
          McAfee Tier III Support Engineer
          Data Loss Prevention Endpoint

          McAfee website: www.mcafee.com

          • 2. Re: How to block tagged files being transfered to Dropbox?
            tony.lin

            What is NCPR mean?!

            • 3. Re: How to block tagged files being transfered to Dropbox?
              SafeBoot

              See the first post in this discussion

              • 4. Re: How to block tagged files being transfered to Dropbox?
                allanplmak

                I am testing a policy in monitoring tagged file being upload to DropBox like website by using a Web Post Protection Rule, which the Web Destination is all web address exclude company's domain.  It works fine to me.

                • 5. Re: How to block tagged files being transfered to Dropbox?
                  usman09

                  Hi,

                  i hope you are doing well.

                  i am trying to block files uploading to dropbox using web post protection rule but unable to do that. i am follwing that steps that are mentioned below.

                   

                  Web destination

                  1 In the McAfee DLP Endpoint policyconsole navigation pane under Definitions, select WebServers.

                  The available web servers appear in the main pane.

                  2 In the Web Servers window,right-click and select Add New | Web Server.

                  A new Web Server icon appears.

                  3 Double-click the icon.

                  The edit window appears.

                  4 In the text box at the bottom of thewindow, type the web server URL and click Add to add a web

                  server address.

                  5 To add a resource path, right-clickthe web server address and select Add| Resource Path. Type the

                  path and click OK.

                  6 Type a description (optional).

                  7 Click OK

                  Create and define a web post protection rule

                  Web post protection rules monitor or block data from being postedto websites, including web-based

                  email sites.

                  The web post protection rule is supported for Microsoft InternetExplorer 6 and later, and Firefox 3.6,

                  4.0, and 5.0. For other browsers, use network communicationprotection rules.

                  Web post protection rules can block or monitor content uploaded towebsites based on AJAX or Flash

                  technologies. This includes the following sites:

                  • Microsoft Outlook Web Access • Yahoo

                  • Gmail • Hotmail

                  • Google Docs

                  When a web post protection rule is enabled, web post file uploadscontinue in the background after the

                  upload bar indicates that the upload is finished.

                  For option definitions, press F1.

                  Task

                  1 In the McAfee DLP Endpoint policyconsole navigation pane, select ContentProtection | Protection Rules

                  The available protection rules appear in the right-hand pane.

                  2 In the Protection Rules pane,right-click and select Add New | Web Post Protection Rule.

                  3 Rename the rule to something thatwill help you recognize its specific function.

                  4 Double-click the rule icon and followthese steps in the wizard:

                  Step Action

                  1 of 8(optional) Selectthe Select from list option, then select an available web destination or web

                  destination group for this rule. Click Add item to create a new web destination

                  definition. Click Addgroup to create a new web destinationgroup. Click Next.

                  Not defining any specific web destinations will block all outgoingHTTP content.

                  2 of 8 (optional) Selecttags, content categories, and groups to be included or excluded from

                  the rule. You must include at least one tag, content category, orgroup to use

                  the exclude option. Click Additem to create a new tag or contentcategory. Click

                  Add group to create anew tag and content category group. Click Next.

                  3 of 8 (optional) Selectthe Select from list option, then select file types from the available list.Use

                  the Other File Types option to select unlisted (unknown) file types. Click Next.

                  4 of 8 (optional) Selectthe Select from list option, then select file extensions from the available

                  list. Click Next.

                   

                  StepAction

                  5of 8 (optional) Select a document properties definition ordefinition group from the available

                  list.You can include or exclude definitions. Click Additem to create a new

                  documentproperties definition or Add group to create a new document

                  propertiesgroup. Click Next.

                  6of 8 (optional) To apply the rule to specific encryption types,select the Select from list option,

                  andselect one or more encryption types.

                  7of 8 Select actions from the available list. Bydefault, selecting an action selects

                  both Onlineand Offline. Deselect either as required. If you select Monitor, click

                  Severityto modify the value. If you select NotifyUser, click Changedefault alert to

                  modifythe alert message, URL, or link text. If you want RequestJustification to

                  blockweb posts when no justification is provided, you must also select Block.

                  Click Next.

                  8of 8 (optional) Select an assignment group or groups, or define anew group by clicking Add.

                  Click Finish.

                  You caninclude or exclude tags and file extensions.

                  5To activate the rule, right-click the protectionrule icon and select Enable.

                   

                  looking forward for your feedback.i would appreciate if you send me step by step guidance ie screenshots on my email ID.

                   

                  Regards,

                  Usman

                  email ID :: shahusman_786@hotmail.com