I am setting up a McAfee DLP 4400 with the 9.2 software in the monitor mode. I've got a list of roughly 5500 e-mail addresses, which we would like to monitor. Any e-mail addresses that are not on the list, should be ignored.
Now I'm interested to know if someone has done this before and if so, what was the approach you took?
At the moment I am thinking the content filters are probably the best way to go, since it will drop all irrelevant e-mail addresses. The issue I've got is that the query lenght appears to be limited to 10240 characters. As a result I would need multiple content filters.
Does anyone have an example of a best practice to tackle this challenge?
No one has faced a similar challange? I can hardly imagine that no-one has come across this scenario before!