Configuring user-defined events for data loss prevention

Use the User-Defined Events area to configure up to eight custom signatures that meet the specific needs of your network. For example, you can create a signature to recognize the format that you use for account numbers or policy numbers.

About this task

Navigating in the IPS Local Management Interface: Secure Protection Settings > Security Modules > Data Loss Prevention

Navigating in SiteProtector™ Management: select the Data Loss Prevention policy

Procedure

  1. Click the Signatures tab.
  2. Click the Content Analysis Enabled check box if it is not already enabled.
  3. In the User-Defined Events area, click the Add icon.
  4. Enable the event and type a descriptive name for the event in the Name field.
  5. Type an appropriate regular expression in the Expression field.
  6. Set the Minimum Match (the minimum number of matches that are required to cause an event).
  7. Assign a protection domain by clicking the Add icon. For more information about configuring protection domains, see Configuring protection domains.
  8. Click OK.