How to set up IP filters for Symantec DLP Network Monitor
Article ID: 160497
Data Loss Prevention Network MonitorData Loss Prevention Enforce
Setting up IP filters for the Symantec DLP Monitor Server.
To setup IP filters for the Symantec DLP Monitor Server:
From Symantec DLP Enforce, in the left pane, go to Administration > Settings > Protocols (if you want to apply to ALL Monitor servers); or go to Administration > System > Overview > Network Monitor server > Configure > Protocol (if you want to apply ONLY to a specific Monitor server).
Add the filter by selecting the protocol you want.
Use the following general syntax for IP filtering:
-, <destination> , <source> drops all streams sent to <destination> from <source> +, <destination> , <source> includes all streams sent to <destination> from <source>
All filters are processed from top to bottom. Make sure that there is no extra linefeed at the end. Otherwise you will get errors. For example, if you want to exclude only IPs 220.127.116.11 and 18.104.22.168 and keep everything else, you could do the following