Configuring user-combined events for data loss prevention

Use the User-Combined Events area to configure up to eight custom combinations of combined signatures from predefined and user-defined events.

About this task

Navigating in the IPS Local Management Interface: Secure Protection Settings > Security Modules > Data Loss Prevention

Navigating in SiteProtector™ Management: select the Data Loss Prevention policy

Procedure

  1. Click the Signatures tab.
  2. Click the Content Analysis Enabled check box if it is not already enabled.
  3. In the User-Combined Events area, click the Add icon.
  4. Enable the event and type a descriptive name in the Name field.
  5. Click the Add icon and assign a predefined or user-defined event. You can choose to Exclude signatures that match the event. Repeat this step to add more events.
  6. In the Protection Domain area, click the Add icon to assign the user-combined event to a specific protection domain. For more information about configuring protection domains, see Configuring protection domains.
  7. Click OK.