cancel
Showing results for 
Search instead for 
Did you mean: 
Post a Question

DLP policies not being enforced on gateway

Hi, 

I recently deployed my Check Point 5100 gateway as a standalone in my enviroonment and i purchased the DLP blade. I tried earlier to use the Content Awareness feature to achieve want i wanted, that is blocking users from a certain segment in my network from sending specific files, but that did not work. So i tried using the DLP blade and it also still did not work. Users from that segment can still send those files.

Is there any special configurations i need to do appart from the ones specified on the DLP configuration manual

Kindly assist

0 Kudos
6 Replies
Vladimir
Jade

Re: DLP policies not being enforced on gateway

When you are using content awareness, how exactly are your users sending the files?

If they are using HTTPS based services, perhaps implementing HTTPS inspection is in order.

0 Kudos
Employee+
Employee+

Re: DLP policies not being enforced on gateway

To confirm you've integrated DLP with your on premise Exchange email or the files are being sent via an alternate method?

0 Kudos

Re: DLP policies not being enforced on gateway

i integrated the DLP with the On-premise Exchange Mail server. 

0 Kudos
Employee+
Employee+

Re: DLP policies not being enforced on gateway

Are you seeing any log entries for DLP events via SMTP traffic that you could share (sanitized of course), also could you provide an example of a policy rule that isn't working as intended (is it set to Prevent or Detect)?

The following options may be a factor in some scenarios... moreover I would suggest opening an SR with TAC to investigate further if not already.

DLP

0 Kudos

Re: DLP policies not being enforced on gateway

Hello Chris,

My primary goal is to prevent some users in a particular segment from send mails. I used Content Awareness to prevent users from sending files but the policy did not work because users from that segment were still able to send attachments.

I also activated the DLP blade. I am also not seeing any logs 

0 Kudos
Employee+
Employee+

Re: DLP policies not being enforced on gateway

To confirm the traffic from this network segmemt can only exit via this gateway (from a routing perspective) and you're seeing normal firewall logs for this traffic?

If the routing and configuration checks out per the admin guide definitely raise a case with TAC to investigate further.

0 Kudos