Skip to main content
Versa Networks

Configure Quarantine Profiles in Concerto

  1. Last updated
  2. Save as PDF

Versa-logo-release-icon.pngFor supported software information, click here.

Certain Data Loss Prevention (DLP) rule types—such as File Type, Exact Data Match (EDM), and Optical Character Recognition (OCR)—support the quarantine action. When a file matches the quarantine action in a DLP rule, the file is sent to a cloud service for processing. You configure a quarantine profile to specify the location of the cloud service, the storage application (such as Box or Dropbox), the storage-application instance, and the email address of the user under which the quarantine folder is created. 

Before you configure a quarantine profile, you must create one or more application connectors. For more information, see Configure Cloud Applications To Use with API-Based Data Protection.

To configure a quarantine profile:

  1. Go to Configure > Security Service Edge > Profiles and Connectors > Quarantine Profile.

    Quarantine-profile-left-nav-v2-border.png

    The following screen displays any configured profiles.

    Quarantine-profile-main-border.png
     
  2. To customize which columns display, click Select Columns, and then click the columns to select or deselect the ones you want to display. Click Reset to return to the default columns settings. The available columns are:
    • Name
    • Description
    • Application
    • Instance
    • User Email
       
  3. Click + Add to create a new quarantine profile. In the Create Quarantine Profile screen, enter information for the following fields.

    create-quarantine-profile-full-border.png
     
    Field Description
    Profile Name Enter a name for the quarantine profile.
    Description (Optional) Enter a description of the profile.
    Location of the Quarantine Folder (Group of Fields)
    • Application
    		 Select an application to which a file is sent if it meets the match criteria in a policy or rule. The options are:
    • Box
    • Dropbox
    • Google Drive
    • Microsoft OneDrive
    • Microsoft Office 365 SharePoint Sites
    • Instance
    		 Select an instance of the chosen application. For information about creating an application instance, see Configure Cloud Applications To Use with API-Based Data Protection.
    User Email Enter the user email address under which the quarantine folder is created.
    Tombstone (Group of Fields) A tombstone file replaces a file that is quarantined. The tombstone message explains the reason a file is quarantined. You can use the default tombstone message text or create custom text.
    • Data Loss Prevention Tombstone
    		 The default setting is Use Default Text. To create a custom text tombstone message, click Use Custom Text, and then enter the custom text.
    • Advanced Threat Protection Tombstone
    		 The default setting is Use Default Text. To create a custom text tombstone message, click Use Custom Text, and then enter the custom text.

  4. Click Save.

Quarantine, Forensic, and Legalhold Instructions

  • For all SaaS applications that support Quarantine, Forensic, or Legal Hold as a destination, a folder will be created under the specified user. These folders must not be used or modified for any other purpose.
  • For all IaaS applications, access to the designated object (container or bucket) used for Quarantine, Forensic, or Legal Hold purposes should be limited to administrators only. This location must not be used to store any other files or folders.

Applications Supporting Quarantine Object Storage

The following applications can be configured as destinations for Quarantine profiles.

  • IaaS Applications
    • Amazon Web Services (AWS)
    • Google cloud Platform (GCP)
    • Microsoft Azure Cloud
    • Oracle Cloud Infrastructure (OCI)
  • SaaS Applications
    • Box
    • Citrix ShareFile
    • Dropbox
    • Egnyte
    • Google Drive
    • Microsoft OneDrive
    • Microsoft SharePoint

Supported Software Information

Releases 12.2.1 and later support all content described in this article.