I haven't gotten that far down this route with my client, however, when support dropped the bombshell on me about unified network and host DLP going away before it makes some sort of triumphant return in who knows how many months or years, I recall some mention about some regex differences and limitations being brought up. I don't recall the details, however, I have found support to be useful. A case may get you where you want to go faster than trying to rely on the rather non-specific documentation that's provided.
Good luck! Be sure to let us know how it resolves.
Well, when I raised a service request trough standard support I was told they can help me only with the default concepts, if I want to help with creating custom ones I should pay for consulting.
I am already in contact with local McAfee consultant and he told me he could not find anything regarding NDLP regex but will ask his collegues. One week and still nothing.
I am afraid there is no documentation and even if it is the NDLP is not capable to match some more complex patterns like HDLP does.
Thanks anyway and I will pin here a post if I find out something.
Delightful. LOL. Sherman42, I feel your pain.
So apparently it's too much to ask support for a working example of a single custom concept? I'd raise hell with sales contacts and make sure the product manager for this steaming delight of NDLP knows what a crock of loveliness that puts customers in when support plays this card. What support probably doesn't even know is that there's a black hole in consulting too... because those guys and gals are winging it and teaching themselves this stuff as well it seems. The mcafee consultant we ended up with onsite wasn't nearly as sharp at this as he should've been and seemed to lean on support a lot. Wonder if they'd have told him the same thing. "But... I AM the McAfee consultant!" Sales loves to sell us on how flexible and customizeable the product is to meet our needs, but that doesn't do us much good when the documentation fails to give you sufficient clues on how to do it. In twitter parlance:
@McAfeeNDLP If your support folks have to say the word "consulting" too often, your documentation and their training needs help. #proTip
Maybe if you and I took the NDLP course they'd cover this piece of functionality in the tool? Oh wait--that doesn't exist.
Mcafee: I hope someone is lurking and escalating these concerns to someone empowered to do something about it. Your DLP customer experience is currently rather broken I'm afraid.