Send the user name to Symantec Vontu DLP

book

Article ID: 169418

calendar_today

Updated On:

Products

Data Loss Prevention Network Monitor Data Loss Prevention ProxySG Software - SGOS

Issue/Introduction

Customer his integrated ProxySG with Symantec's DLP solution, Vontu via icap. The customer now wants to send the username via icap and have Vontu dlp do the group lookup based on the username the ProxySG sends.

Cause


 

Resolution

In Proxy device, one can apply policy options given below to achieve this. The options given below depends on how the format should be when sending to the DLP device.

 

Option 1: Username in the format of "Domain\Username"

<Proxy>
action.ICAP_REQMOD_User(yes)

define action ICAP_REQMOD_User
set(icap_reqmod.request.x_header.X-Authenticated-User, '$(user:encode_base64)')
end

 

Option 2: Username in the format of "username". i.e. without Domain prefix

<Proxy>
action.ICAP_REQMOD_User(yes)

define action ICAP_REQMOD_User
set(icap_reqmod.request.x_header.X-Authenticated-User, '$(cs-username:encode_base64)')
end


Note: The username sent by the ProxySG is base-64 encoded