Skip to main content
Versa Networks

Configure Offline Data Loss Prevention

  1. Last updated
  2. Save as PDF

Versa-logo-release-icon.pngFor supported software information, click here.

Offline data loss prevention (DLP) is a set of tools and processes for detecting and preventing data breaches, cyber exfiltration, and unwanted destruction of sensitive data. You use DLP to protect and secure an organization's data and to comply with regulations.

The Versa Networks DLP solution oversees, tracks, and reports all data transactions in the network, scanning all content that passes through an organization's ports and protocols to ensure data security in the organization. The gathered data is sent to Versa Analytics, which generates detailed reports about what data is being used, who is using it, and where the data is sent. These reports are available to users.

To configure DLP, you create a DLP profile that you associate with a security policy. To create the DLP profile, you do the following:

  1. Configure data patterns—Data patterns define the specific data strings that you want to filter in a data protection profile. Concerto includes a large number of predefined data patterns that are provided in the Versa security pack (SPack) software, and you can create custom data patterns.
  2. Define a data protection profile—You associate data patterns with a data protection profile, and you then use the data protection profile when you create DLP rules.
  3. Define DLP rules—You create the rules that are used in a DLP profile to match data.
  4. Configure a DLP profile—Create an ordered set of DLP rules that you can then apply to a security policy or to an internet protection rule.

Configure Custom Data Patterns

To configure custom data patterns:

  1. Go to Configure > Security Service Edge > Advanced Security > Profiles.

    Advanced-Security-Profiles-left-nav-v3-border.png

    The following screen displays with the Cloud Access Security Broker (CASB) tab selected by default.

    Advanced-security-profiles-dashboard-border.png
     
  2. Select Data Loss Prevention (DLP) > Data Patterns.

    Advanced-Security-Profiles-DLP-Data-Patterns-v2-border.png
     
  3. In the horizontal menu bar, you can perform the following operations on existing data patterns.

    horizontal-submenu-actions-border.png
     
    Operation Description
    Add Create a new internet protection rule. This button is active when no existing rule is selected.
    Clone

    Clone the selected internet protection rule. When you select this option, the configuration wizard for the rule displays with the Review & Deploy screen selected. You can rename the default name of the cloned rule, if desired, and then click Save.
    Delete

    Delete the selected internet protection rule. A popup window similar to the following displays:

     

    Click Yes to delete the internet protection rule, or click No to retain the rule.
    Refresh Refresh the list of existing rules.
    Reference If you select an object and then click Reference, all of the locations in the hierarchy in which the object is used are displayed. 
  4. To customize which columns display, click Select Columns, and then click the columns to select or deselect the ones you want to display. Click Reset to return to the default column display settings.

    select-columns-data-patterns-border.png
     
  5. Click the add-icon-blue-on-white-22.png Add icon to add a new data pattern. In the Data Patterns screen, enter information for the following fields.

    data-patterns-v2-border.png
     
    Field Description
    Name Enter a name for the data pattern.
    Regex Enter an exact regular expression to search for in a file, for example, Employee.*Salary.
    Keywords Enter one or more keywords to search for in a file. Once a keyword is found, the DLP engine scans for the regex pattern within the given range. Use a comma to separate multiple keywords.
    Range From

    Select the location to search in the file:

    • Anywhere—Start the scan anywhere in the file.
    • Start—Start the scan at the beginning of the file.
    Range Window

    Enter a range for the search with the file, which is sometimes called the proximity.

    • If you select Range From Anywhere, you do not need to specify a range window, because the entire file is scanned.
    • If you select Range From Start, enter the number of bytes to scan from the start of the file. 
    • If you do not enter a range window, the entire file is scanned.

    Range: 1 through 4294967295 bytes
    Default: 8192 bytes
  6. Click Save.

Configure Data Protection Profiles

A data protection profile consists of an ordered set of rules in which each rule has one or more match conditions and an action. You can configure a data protection profile to stop evaluating rules after the first rule that matches (Exit on First Rule Match option) or to evaluate all rules and apply all those that match (default behavior).

After you create a data protection profile, you can use it as part of the enforcement actions on a policy rule in a security access control policy.

To configure a data protection profile:

  1. Go to Configure > Security Service Edge > Advanced Security > Profiles.

    Concerto_advanced_security_profiles.png
     
  2. Select Data Loss Prevention (DLP) > Data Protection Profiles.

    DLP_Data_Protection_Profiles_Subtab-v2-border.png
  3. Click the add-icon-blue-on-white-22.png Add icon. The Data Pattern screen displays step 1, Select DLP Data Pattern.

    DLP-data-pattern-select-v2-border.png
  4. Click Add User-Defined Data Pattern, and then select one or more custom data patterns to use in the data protection profile.

    select-user-defined-data-pattern-v2-border.png
     
  5. Click Save to add the user-defined data patterns to the data protection profile.
  6. Click Add Predefined Data Pattern, and then select one or more predefined data patterns to use in the data protection profile.

    select-predefined-data-pattern-v3-border.png
     
  7. Click Save. The selected data patterns display.

    DLP-data-patterns-selected-v2-border.png
  8. Click Next to go to step 2, Action.

    boolean-operation2-offline-v2-border.png
  9. Create a Boolean operation that defines how to match the selected data patterns. To do this, click a data pattern, click the AND, OR, NEAR, or NOT operator, and then click a second data pattern to complete the Boolean operation. The Boolean operation can include multiple data patterns, with each separated by a Boolean operator.

    The Boolean operators are:
    • AND—The patterns before and after the AND operator must both appear in the file for a match to be made.
    • OR—Either the pattern before or the pattern after the OR operator must appear in the file for a match to be made.
    • NEAR—The two data patterns before and after the NEAR operator are located within 200 bytes of each other in the file for a match to be made.
    • NOT—The pattern that occurs after the NOT operator does not appear in the file for a match to be made. 

      The following example shows a Boolean operation created from the data patterns shown in the previous screenshot:

      boolean-operations-offline-v2-border.png
    1. To replace one data pattern in the Boolean operation with another, click the down arrow next to the data pattern name, and then select a different one.

      data-pattern-drop-down-2-border.png
       
    2. To change the Boolean operator, click the down arrow next to the operator name and then selecting a different one.

      boolean-operator-drop-down2-v2-border.png
       
    3. To remove the last element of a Boolean operation, click the down arrow and then click Remove Selection.

      boolean-operation-offline4-border.png
  10. Click Next.
  11. In step 3, Review and Submit, enter a name for the data protection profile and, optionally, a text description and one or more tags. A tag is an alphanumeric descriptor, with no white spaces or special characters, that you can use to search the objects.

    DLP-profile-review-submit-v3-full-border.png
     
  12. Review the data protection profile entries.
  13. To change any of the information, click the edit-pencil-icon-blue.png Edit icon in the section and then make the required changes.
  14. Click Save to create the data protection profile.

Configure DLP Rules

A DLP profile rule consists of the following components:

  • Rule Type—You can select one of the following rule types:
    • Content analysis—Scan data in the HTTP Context, such as HTTP Attachment, HTTP Body, and HTTP Header.
    • Exact data match (EDM)—Validate the match result of a custom or predefined data pattern against a user-provided data set. An exact data match rule can reduce false positives and can help to guarantee precise DLP for entries in the data set.
    • File DLP—Provide protection based on the configured file attributes.
  • File-type filtering—You can configure data filters based on file types.
  • Activity, Protocol, and Context scanning—DLP monitoring can scan by activity (upload, download, or both), the HTTP protocol, and context (header, body, attachment.

The following table shows the applications supported by DLP, and whether upload and download are supported for each of the listed actions.

Application Alert Allow Alert & Set Label Allow & Set Label Block Encrypt Encrypt-Upload Quarantine Reject

Box.com

Upload

Upload

Upload

Upload

 

Upload

Upload

 Upload

Upload

Upload
Confluence

Upload

Upload

Upload

Upload

 

Upload

Upload

 Upload

Upload

Upload

Dropbox

Upload

Upload

Upload

Upload

Upload

Upload

Google Drive

Github

Upload

Upload

Upload

Upload

Upload

Upload
Jira

Upload

Upload

Upload

Upload

 

Upload

Upload

 Upload

Upload

Upload

One Drive

Upload

Upload

Upload

Upload

Upload

Upload

Upload

Upload

Upload

Outlook

Upload

Upload

Upload

Upload

Upload

Upload

Upload

Upload

Upload

Salesforce

Upload

Upload

Upload

Upload

Upload

Upload

Upload

Upload

Upload
Sharepoint

Upload

Upload

Upload

Upload

 

Upload

Upload

 Upload

Upload

Upload

Slack

Upload

Upload

Upload

Upload

Upload

Upload

Teams

Upload

Upload

Upload

Upload

Upload

Upload
Trello

Upload

Upload

Upload

Upload

 

Upload

Upload

 Upload

Upload

Upload
Yammer

Upload

Upload

Upload

Upload

 

Upload

Upload

 Upload

Upload

Upload
Zoom

Upload

Upload

Upload

Upload

 

Upload

Upload

 Upload

Upload

Upload

To configure rules to use in DLP profiles:

  1. Go to Configure > Security Service Edge > Advanced Security > Profiles.

    Advanced-Security-Profiles-left-nav-border.png
     
  2. Select Data Loss Prevention (DLP) > DLP Rules.

    Advanced-Security-DLP-Rules-border.png
  3. To customize which columns display, click Select Columns down arrow and then click the columns to select or deselect the ones you want to display. Click Reset to return to the default column display settings.

    select-columns-DLP-rules-border.png
     
  4. Click + Add to add a DLP rule. The Select a Rule Type screen displays. You can create Content Analysis, File DLP, and Exact Data Match (EDM). The following sections describe how to configure the DLP file types.

    API-DP-select-DLP-rule-type-v6-border.png
     
  5. Configure a Content Analysis Rule—To create a content analysis rule, click the Content Analysis box in the Select a Rule Type screen. The following screen displays, which lists all predefined data protection profiles by default. The pre-defined profiles are:
    • AUSTRALIA_FINANCIAL_DATA
    • CCPA_California_Consumer_Privacy_Act
    • Financial_Information
    • GDPR_General_Data_Protection_Regulation
    • GLBA_Gramm_Leach_Bliley_Act
    • PCI_DSS
    • SOCIAL_SECURITY_NUMBER_CONFIDENTIALITY_ACT2000
    • SOURCE_CODE_ACT
    • UK_ACCESS_TO_MEDICAL_REPORTS_Act1988
    • UK_FINANCIAL_DATA
    • UK_PII
    • US_DRIVERS_LICENSE_NUMBER_ALL_STATES
    • US_FEDERAL_TRADE_COMISSION_RULES
    • US_FINANCIAL_DATA
    • US_HIPAA
    • US_PATRIOTS_ACT
    • US_PHI
    • US_PII
    • WESTERN_AUSTRALIA_HEALTH_SERVICES_ACT

      content-analysis-rule-step1-v2-border.png
       
    1. To view the custom data protection profiles, click User Defined.
    2. To add the DLP rule for analysis, click one predefined or one user-defined data protection profile. You can select only one data protection profile, which can be either a predefined or a user-defined profile. To filter the data protection profiles by category, click All Categories. To filter the data protection profiles by region, click All Regions.
       
  6. Configure a File DLP Rule—To create a file DLP rule, click File DLP in the Select a Rule Type screen. In the File DLP screen, enter information for the following fields.

    file-DLP-border.png
     
    Field Description
    Filename Enter a name for the file.
    File Size (Group of Fields)  
    • Enter Minimum
    		 Enter the minimum size of the DLP file, and then select the size unit, either megabytes (MB), gigabytes (GB), kilobytes (KB), or bytes. The configured action is taken on all files that are smaller than the minimum size and that match the configured file type. If you set the minimum size to 0, the maximum DLP file size is used for the action.
    • Enter Maximum
    		 Enter the maximum size of the DLP file, and then select the size unit, either megabytes (MB), gigabytes (GB), kilobytes (KB), or bytes. The configured action is taken on all the files that are larger than the maximum size that match the configured file type.
    SHA256 Enter the secure hash algorithm 256-bit (SHA256) value. To enter multiple SHA256 values, separate them by a new line.
    File Label Enter a file label, and then click Add.
  7. Configure an Exact Data Match Rule—To create an exact data match rule, click Exact Data Match (EDM) in the Select a Rule Type screen. The following screen displays.

    DLP-rule-type-EDM-v2-border.png
     
  8. To create an expression, click Create Expression, and then enter information for the following fields.

    create-expression-EDM-rule-v2-border.png
     
    Field Description
    Expression Name Enter a name for the expression.
    Data Pattern Select a data pattern.
    Enter Value Enter a value for the expression, the click Add.
  9. Click Save.
  10. To upload a CSV file that contains a list of exact data matches, click Upload File.
    1. Drag and drop the CSV file into the window, or click Select CSV File to upload the file.
    2. To hash the CSV file, click Hash the File.
    3. Click Save.

      upload-exact-data-match-list-border.png
       
  11. To select a filename, click Select File Name. The Select Filename screen displays.

    select-file-name-EDM-border.png
     
    1. In the File Name field, select a filename. Note that this list shows the names of CSV files that were previously uploaded. For information about uploading CSV files, see the Manage DLP Files and Folders, below.
    2. Click Get Columns. The screen displays the columns for each field in the CSV file.

      select-file-name-get-columns-EDM-border.png
       
    3. In the Data Pattern column, select a data pattern to apply to each entry. Click Remove to remove an entry from the CSV file.
    4. Click Save.
       
  12. Click Next to go to step 2, File Type in the Create DLP Rule screen.
  13. Select one or more file types to be analyzed. To search for specific file types, use the search box. To select all file types, click Select All File Types.

    Concerto supports the following file types:
     
    any bmp c class cpp csv docx
    gif gzip html jpeg msoffice pdf pem
    pgp php pl png ppk ppt pptx
    rtf sh tar tif txt visio vsf
    xls xlsx xml xz zip    

    API-DP-DLP-rule-step2-file-type-full-border.png
  14. Click Next to go to step 3, Configure Activity, Protocol, and Context.
  15. Enter information for the following fields.

    API-DP-content-analysis-rule-step3-activity-protocol-context-v3-full-border.png
     
    Field Description
    Activity

    Select the direction of the traffic on which to apply the rule:

    • Upload—Apply the rule when the client posts data to a server.
    Protocol

    Click the protocol to scan:

    • Web Protocol
      • HTTP
    Context

    Select one or more HTTP contexts of data to scan:

    • Attachment—Data in an attachment
    • Body—Data in the body
    • Header—Data in the header of a packet
  16. Click Next to go to step 4, Exclude. 
  17. In the Filename field, enter the names of a file to exclude, for example, budget.xlsx, and then click Add. The filename displays to the right of the Add button. You can exclude multiple files. To delete a filename from the list, click the trash-icon.png Trash icon next to the filename.

    API-DP-DLP-rule-step4-exclude-border.png
     
  18. Click Next to go to step 5, Action. 
  19. Enter information for the following fields.

    The following table shows the applications supported by DLP and whether file-name matching is supported for upload.

    Applications  Upload 
    Box Supported
    Confluence Supported
    Dropbox Supported
    Github Supported
    Google Drive Supported
    Jira Supported
    Microsoft OneDrive Supported
    Microsoft Outlook Supported
    Microsoft Sharepoint Supported
    Microsoft Teams (web) Supported
    Microsoft Yammer Supported
    Salesforce Supported
    Slack Supported
    Trello Supported
    Zoom Supported

    API-DP-DLP-rule-step5-action-borderpng.png
     
    Field Description
    Action

    Select an action to take if the file matches the rule:

    • Alert—Allow the file to pass and log it to Versa Analytics
    • Allow—Allow the file to pass without logging it to Versa Analytics
    • Block—Drop the file without sending a notification to the client host that originated the file.
    • Encrypt—Encrypt the file before sending it.
    • Legal Hold—Apply a legal hold profile to the file.
    • Quarantine—Send the file to the customer-provided cloud portal without encrypting it.
    • Redaction—(For the EDM rule type only.) If a rule match is detected in an editable, text-based file, change the content of the matched packet to random characters. Note that redaction is supported only for Exact Data Match (EDM) with the file types txt, xml, sh, html, c, and php.
    • Reject—Drop the file and send a notification to the client host indicating that the file was dropped.
    • Tokenization—(For the EDM rule type only.) Replace sensitive data with randomized, non-sensitive data, referred to as a token, which has no inherent value that can be exploited.
    • URL Action Redact—Mask or remove parts of a URL that contain sensitive information.
    • URL Action Redirect—Redirect a URL request to another page or website based on a URL argument. 
    Logging Click to enable LEF logging to Analytics, which logs all actions to Versa Analytics, except fo actions that explicitly do not log. If you do not enable logging, no logging information is sent to Versa Analytics.
    Notification Profile Select a notification profile. To configure a notification profile, see Configure SASE User-Defined Objects.
    Label Select a sensitivity label to be set or removed on a file before uploading or downloading it. Enter the text of the label to be set or removed in the text box.
    Threat Type

    Select the threat type.  The options are:

    • Alert
    • Block
    • Exfiltration in Content Analysis
    • Document Fingerprint
    • File Size Not In Range
    • Source Code Detection
    • Mip Label
    • File DLP
    • OCR Match (currently not supported)
    • MI Image Classification
    • MI Source Code
    • MI Document Fingerprint
    • MI Spam Mail
    Threat Severity Select the threat severity, either Critical, Major, or Normal.
  20. Click Next to go to step 6, Review & Submit.

    API-DP-Rule-Review-full-border.png
  21. Enter a name for the rule.
  22. To change any of the information, click the edit-pencil-icon-blue.png Edit icon and then make the required changes.
  23. Click Save to create the DLP rule.

Configure DLP Profiles

A DLP profile consists of one or more DLP rules.

To configure a DLP profile:

  1. Go to Configure > Security Service Edge > Advanced Security > Profiles.

    Advanced-security-Profiles-left-nav-border.png
     
  2. Select Data Loss Prevention (DLP) > DLP Profiles.

    API-DP-DLP-Profiles-border.png
     
  3. To customize which columns display, click the Select Columns down arrow, and then click the columns to select or deselect the ones you want to display. Click Reset to return to the default column display settings.

    DLP-select-columns-border.png
     
  4. Click add-icon-blue-on-white-22.png Add to add a new DLP profile. The Select Rules screen displays step 1, Select DLP Rules.

    API-DP-Select-DLP-Rules-v2-border.png
     
  5. Select one or more DLP rules to include in the profile. To filter the types of rules that are displayed, use the User-Defined, All Categories, and All Regions boxes.
  6. Click Next to go to step 2, Applications and Group.

    API-DP-DLP-select-DLP-rule-full-border.png
     
  7. If any application groups have been defined, you can select them from the list.
  8. Select one or more user-defined and/or predefined applications. 
  9. Click Next to go to step 3, Configure Rule Order.
  10. If you selected two or more DLP rules on the Select DLP Rules screen, you can change the order in which the rules are processed by dragging and dropping the rules to the desired order. 

    DLP-profiles-rules-reordered-v2-border.png
     
  11. Click Next to go to step 4, Reputation. Enter information for the following fields.

    DLP_Rules_Step_4_Reputation.png
     
    Field Description
    Enable Logging Click to enable logging.
    Cloud Lookup State Click to enable the cloud lookup state. If the cloud lookup state is not configured for this profile, the cloud lookup state configurations are inherited from the tenant VOS device.
  12. Click Next to go to step 5, Action. Enter information for the following fields.

    DLP_Rules_Step_5_Actions-v2-border.png
     
    Field Description
    Default Action

    Click the down arrow and select a default action. This default action applies if none of the scanned data matches a rule.

    • Alert
    • Allow
    • Block
    • Reject
    Exit on First Rule Match Click to exit rule processing after the first match occurs.
    Logging Enable logging of the DLP rules processing. All logs are sent to Versa Analytics.
    Forensics Enabled Enable forensics on uploaded original files. Data forensics is used to collect and analyze data on computing devices, network devices, phones, or tablets. The results are often used in legal procedures, regulatory and company investigations, investigations of criminal activity, and other types of investigations that involve digital evidence.
    For more information, see Configure Forensic Profiles in Concerto.
    Profile Select a forensic profile.
    Upload Original File Enable or disable uploading an original file. This option is only selected if you select Forensic Enabled.
  13. Click Next to go to step 6, Review & Submit.
  14. Enter a name for the DLP profile and, optionally, a description and one or more tags. A tag is an alphanumeric descriptor, with no white spaces or special characters, that you can use to search the rules.

    DLP_Rules_Review-v2-full-border.png
     
  15. Review the configuration.
  16. To change any of the information, click the edit-pencil-icon-blue.png Edit icon and then make the required changes.
  17. After review, click Save to create the new DLP profile.

Associate a DLP Profile with SaaS Applications

To associate a DLP profile with a SaaS application:

  1. Go to Configure > Security Service Edge > Advanced Security > API Based Data Protection > Policy Rules.

    API-DP-left-nav-v2-border.png

    The following screen displays.

    SaaS-Rules-schedule-based-full-border.png
     
  2. Select the SaaS tab, and then select either the Schedule Based or Event Based subtab. (This example uses the Schedule Based option.)
  3. Click the add-icon-blue-on-white-22.png Add icon. The screen displays step 1, SaaS Applications.

    SaaS-applications-v3-border.png
  4. Click an application, and then click Next to go to step 2, Instance.

    SaaS-applications-Instance-v2-border.png
     
  5. In the Instance screen, select an application instance, then click Next to go to step 3, Users & Groups.

    SaaS-applications-Users-Groups-border.png
  6. By default, all users and groups are included in the policy rule. Click Customize to specify the users and groups to include in the rule. The Users & Groups screen displays, with the Include tab and User Groups subtab selected by default.

    Users-Groups-Include-User-Groups-API-DP-v2-border.png
     
  7. Select a user group from the User Source drop-down list. The user groups within the selected group display under User Group.
  8. Click the User tab.
  9. Select a user from the User Source drop-down list. The users in the selected group display under Users.

    Users-Include-User-API-DP-border.png
     
  10. Select one or more users to include in the policy.
  11. Click the User Profiles tab.

    Users-Groups-Include-User-Profiles-SaaS-border.png
     
  12. Select one or more user profiles.
  13. Click add-icon-blue-on-white-22.png Add New User Profile to add one or more additional user profiles.

    new-user-profiles-border.png
     
    1. Enter a name for the profile in the Profile Name field.
    2. (Optional) Enter a description.
    3. Enter a name for the user in the User field.
    4. Click Add. The user is added to the Available list. You can add additional users to the list.

      available-list-border.png
       
    5. Click Remove to remove a user name from the list.
    6. When you have finished adding users to the profile, click Submit.
       
  14. Click the Internal-External tab.

    Users-Groups-Include-internal-external-border.png
     
  15. Select one of the following internal-external users to add to the rule, either None, Internal, External, or Both.
  16. Click the Domains tab. The following screen displays any previously configured domains. 

    Users-Groups-Domains-border.png
     
  17. Select a domain to add to the rule.
    1. If no domains are listed, click + Add New Domain.

      add-domain-border.png
       
    2. Enter a valid domain name, such as versa-networks.com, and then click Add. You can add additional domains.
    3. You can then add one or more of the new domains to the rule.
       
  18. Click the Domain Profiles tab.

    Users-Groups-Domains-Profiles-border.png
     
  19. Select one or more domain profiles to add to the rule.
  20. Click add-icon-blue-on-white-22.png Add New Domain Profile to create additional domain profiles.

    new-domain-profiles-border.png
    1. Enter a name for the domain profile in the Profile Name field.
    2. (Optional) Enter a description. 
    3. Enter a valid domain name, such as versa-networks.com.
    4. Click Add. The domain profile is added to the Available list.

      available-domain-profiles-border.png
       
    5. Click Remove to remove a domain profile from the list.
    6. When you have finished additional domain profiles to the list, click Submit.
       
  21. Select the Exclude tab. By default, all users and groups are excluded in the policy rule. Click Customize to specify the users and groups to exclude from the rule.

    Note: The subtabs under the Exclude tab are the same as the subtabs under the Include tab. See Steps 6 through 20 for information about these subtabs.

    Users-Groups-Exclude-tab-border.png
     
  22. Click the back-arrow-left-black-on-white.png Back arrow or click Next to go to step 4, Schedule.
  23. Select a schedule and enter the required information.

    SaaS-applications-Schedule-v2-border.png
     
    Scan Type Description
    Non Recurring Time

    Select this scan type to run a single, non-recurring scan. Enter the following information:

    • Start Date—Enter the date to start the scan.
    • Start Time—Enter the time of day to start the scan.
    Hourly Select this scan type to run a scan every hour. Enter the following information:
    • Start Date—Enter the date to start the scans.
    • Start Time—Enter the time of day to start the scans.
    • End Date—Enter the date to end the scans.
    Daily Select this scan type to run a scan once per day. Enter the following information:
    • Start Date—Enter the date to start the scans.
    • Start Time—Enter the time of day to start the scans.
    • End Date—Enter the date to end the scans.
    Weekly Select this scan type to run a scan once per week. Enter the following information:
    • Every—Select how often to run the weekly scan. Select 1 to run the scan every week, enter 2 to run the scan every 2 weeks, etc.
    • On—Select one or more days of the week on which to run the scan. 
    • Start Date—Enter the date to start the scans.
    • Start Time—Enter the time of day to start the scans.
    • End Date—Enter the date to end the scans.
    Monthly

    Select this scan type to run a scan once per month. Enter the following information:

    • Every—Select how often to run the monthly scan. Select 1 to run the scan every month, enter 2 to run the scan every 2 months, etc.
    • Start Time—Enter the time of day to start the scans.
    • End Date—Enter the date to end the scans.
  24. Click Next to go to step 5, Security Profiles.

    SaaS-applications-Security-Profiles-v2-full-border.png
     
  25. Click Profiles, and then select the Data Loss Prevention (DLP) tab.
  26. Click the slider bar to enable Data Loss Prevention, then select a profile from the drop-down list. The details of the profile display.
  27. Click Next to go to step 6, Notification Profile, and then select a notification profile, if desired.
  28. Click Next to go to step 7, Review & Deploy, and then enter a name for the rule.

    SaaS-applications-Review-Deploy-v2-full-border.png
     
  29. Click Save.

Supported Actions for Each Application

Application

Alert

Quarantine

Legal Hold

Forensic

Encrypt

IaaS Applications

      

Amazon Web Services (AWS)

Yes

Yes

Yes

Yes

Yes
Google cloud Platform (GCP)

Yes

Yes

Yes

Yes

Yes
Microsoft Azure Cloud

Yes

Yes

Yes

Yes

Yes
Oracle Cloud Infrastructure (OCI)

Yes

Yes

Yes

Yes

Yes

SaaS Applications

          

Asana

Yes

Yes

Yes

Yes

Yes

Box

Yes

Yes

Yes

Yes

Yes

Cisco Webex Teams

Yes

Yes

Yes

Yes

Yes

Citrix ShareFile

Yes

Yes

Yes

Yes

Yes

Confluence

Yes

Yes

Yes

Yes

Yes

Dropbox

Yes

Yes

Yes

Yes

Yes

Egnyte

Yes

Yes

Yes

Yes

Yes

Google Drive

Yes

Yes

Yes

Yes

Yes

GitHub

Yes

Yes

Yes

Yes

Yes

GitLab

Yes

Yes

Yes

Yes

Yes

Gmail

Yes

Yes

No

No

No

Jira

Yes

Yes

Yes

Yes

Yes

Microsoft OneDrive

Yes

Yes

Yes

Yes

Yes

Microsoft Outlook

Yes

Yes

Yes

Yes

Yes

Microsoft SharePoint

Yes

Yes

Yes

Yes

Yes

Microsoft Teams

Yes

Yes

No

No

No

Microsoft Yammer

Yes

Yes

No

Yes

No

Notion

Yes

Yes

Yes

Yes

Yes

Salesforce

Yes

Yes

Yes

Yes

Yes

ServiceNow

Yes

Yes

Yes

Yes

Yes

Slack

Yes

Yes

Yes

Yes

Yes

Trello

Yes

Yes

Yes

Yes

Yes

Zendesk 

Yes

Yes

Yes

Yes

Yes

Zoom 

Yes

Yes

Yes

Yes

Yes

Supported Software Information

Releases 12.2.1 and later support all content described in this article.