How to set up DGM as a policy exception for Endpoint

Article ID: 159969

Products

Data Loss Prevention Endpoint Prevent, Data Loss Prevention Network Monitor, Data Loss Prevention Network Prevent for Email, Data Loss Prevention Network Prevent for Web, Data Loss Prevention Network Protect, Data Loss Prevention Endpoint Discover

Issue/Introduction

Setting up DGM as an exception to a policy to prevent false incidents from being generated for Endpoint users

Resolution

Directory Group Matching (DGM) is a way to match on large groups of senders and recipients, using lists of e-mail addresses, IP addresses, IM names, and usernames. DGM can also be used as an inclusion or an exception in a policy.

There are a few things that need to be set correctly in order to make DGM exceptions for Endpoint work.

1. If you want to match on usernames, there has to be a system field that is set to Windows User.

2. In the file that you upload, the username must be displayed with the domain qualifier or machine name first, e.g. DOMAIN\username or MACHINENAME\username.

3. If you do not put a column header of e-mail in the upload file, the DGM will not show on the choose Directory EDM list when you set up the exception.
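
A pre-upload check for points 2 and 3, as an added example that is not part of the original article or of the product's own tooling. It assumes a comma-delimited file with a header row and a hypothetical column named `username`; the sample rows are constructed.

```python
import csv
import io
import re

# Assumptions (not from the article): comma delimiter, first row is the
# header, and the username column is named "username" (hypothetical).
EMAIL_HEADER = "e-mail"       # header the article says must be present
USERNAME_HEADER = "username"
# DOMAIN\username or MACHINENAME\username: one backslash, both halves non-empty
QUALIFIED = re.compile(r"^[^\\/\s]+\\[^\\/]+$")

def check_dgm_file(text, delimiter=","):
    """Return a list of problems in a DGM upload file (empty list = OK)."""
    problems = []
    reader = csv.reader(io.StringIO(text), delimiter=delimiter)
    header = next(reader, None)
    if header is None:
        return ["file is empty"]
    header = [h.strip().lower() for h in header]
    if EMAIL_HEADER not in header:
        problems.append(f"header: no '{EMAIL_HEADER}' column")
    if USERNAME_HEADER not in header:
        problems.append(f"header: no '{USERNAME_HEADER}' column")
        return problems
    ucol = header.index(USERNAME_HEADER)
    for row in reader:
        if not any(cell.strip() for cell in row):
            continue  # ignore blank lines
        if len(row) != len(header):
            problems.append(f"line {reader.line_num}: expected "
                            f"{len(header)} fields, got {len(row)}")
            continue
        user = row[ucol].strip()
        if not QUALIFIED.match(user):
            problems.append(f"line {reader.line_num}: '{user}' lacks "
                            "DOMAIN\\ or MACHINENAME\\ qualifier")
    return problems

# Constructed sample: two rows are missing the qualifier.
SAMPLE = (
    "e-mail,username\n"
    "alice@example.com,CORP\\alice\n"
    "bob@example.com,bob\n"
    "carol@example.com,WKSTN-042\\carol\n"
    "dave@example.com,dave@corp.example.com\n"
)

if __name__ == "__main__":
    for problem in check_dgm_file(SAMPLE):
        print(problem)
```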

NOTE: EDM, IDM, and DGM detection requires information to be sent to the Endpoint Server for processing. Violations using EDM, IDM, or DGM cannot be blocked on the Endpoint. They will be monitored only. Be aware that this will add extra network traffic.

See: KB 42485: What can we detect at the Endpoint in Vontu DLP 8?