Skip navigation
McAfee Secure sites help keep you safe from identity theft, credit card fraud, spyware, spam, viruses and online scams
481 Views 5 Replies Latest reply: Oct 25, 2013 12:37 PM by regancc RSS
regancc Newcomer 2 posts since
Jun 26, 2013
Currently Being Moderated

Oct 23, 2013 12:20 PM

HDLP 9.2 URL Exclusion

Is it possible to whitelist or exclude a specific URL so HDLP doesn't flag traffic to it as an 'incident' and skew my metrics/reports?

 

We use a secure document storage provider and tons of traffic goes to a specific URL with legitimate business traffic to upload docs to it.

 

I don't want my DLP metrics to trigger an event when our users upload docs to that URL.

 

Any help you can provide is greatly appreciated!

 

Chip

  • keithdrone Apprentice 56 posts since
    Jan 28, 2013
    Currently Being Moderated
    1. Oct 23, 2013 12:32 PM (in response to regancc)
    Re: HDLP 9.2 URL Exclusion

    I have not found an exclusion option for 9.2 or 9.3 for this feature.   I think I have a PER in for it, but I have about a dozen going all the way back to April for DLP which McAfee has never checked or reviewed - any of them.

     

    So it may or may not be a feature in 9.3 patch 1, which was scheduled for this month some time.

  • vimalnavis McAfee SME 204 posts since
    Feb 23, 2010
    Currently Being Moderated
    2. Oct 25, 2013 12:30 AM (in response to regancc)
    Re: HDLP 9.2 URL Exclusion

    Assuming you are talking about Web Post Protection (WPP) rule, when you create a WPP rule, step 1 allows you to define a Web Destination.

    Create a new Web Destination and add the URL/Web server you want to ignore and uncheck that URL/Domain. Leave the check box for Other web servers. Now the rule will be enforced to all web servers except the one that you left unchecked.

    This option has always existed.

  • keithdrone Apprentice 56 posts since
    Jan 28, 2013
    Currently Being Moderated
    3. Oct 25, 2013 7:37 AM (in response to vimalnavis)
    Re: HDLP 9.2 URL Exclusion

    Score, I'll be giving that a try myself!  When we had demos and engineers here from McAfee, they told us that this was not an option, and I never found anything definitive in the documentation.   So if we wanted to use WPP for all web-servers and internet addresses, except for 1, we couldn't do that..   I'll give it a shot though, thanks!

     

    Message was edited by: keithdrone on 10/25/13 7:37:52 AM CDT
  • vimalnavis McAfee SME 204 posts since
    Feb 23, 2010
    Currently Being Moderated
    4. Oct 25, 2013 8:33 AM (in response to keithdrone)
    Re: HDLP 9.2 URL Exclusion

    You are Welcome.

More Like This

  • Retrieving data ...

Bookmarked By (0)

Legend

  • Correct Answers - 5 points
  • Helpful Answers - 3 points