Heads Up :
The post you are writing will appear in a public forum. Please ensure all content is appropriate for public consumption. Review the employee guidelines for the community here.
I wanted to turn off getting notifications about quarantined emails sent to my email address as we have a shared email we use. I went to the DLP policy settings and removed the email address, but I am still getting the emails. Any ideas? We don’t use...
We filter for SSN, but it does not catch everything. I realize a consecutive 9 digit number would be a bad idea and we do not have a rule in place for that anyway. What I do need is a way to catch SSN in the following format: xxx-xx-1234 or xxx-12-34...
I am migrating from physical WSA appliances running v 10.1.5-004 to virtual appliances running v 10.5.6-024, Everything looks identical between the two, however when I use the virtual WSA, I cannot get our Splunk instances. Splunk uses port 8000 for ...
We are currently using SMA v 11.0.1-161. Our WSAs are on version 10.5.2-072 and using config master version 10.5. I want to use config master 11.0, but I am confused by the compatibility matrix in this document.http://www.cisco.com/c/dam/en/us/td/doc...
I have a bunch of custom URL categories set up to either block or allow. If all of them are in the Global Access Policy with the correct action, do they need to be specifically added to other access policies? Some of our policies have them included, ...
So the weirdness continues. Today another user went to the same place I went to yesterday, Standard DLP message action, and the email address I removed yesterday was back. He removed it and now it is working. I have no idea...
Basically we have enabled the DLP rules for various things like SSN, PII, etc so that if a user sends an email with that type of info, the email is quarantined and the ESA sends an email to us so we know to go review the thing. I need to know everywh...
So I have upgraded to version 10.5.6-024 on each WSA. I do not have an option for 11.0.0-161, it goes to 11.7.3-025. My SMA will not support that, but I can't use config master 11.0 on the version of WSA I am on now, which is why I wanted to upgrade....
Sort of. Say I have "example.com" on the "blocks 2020" list and that list is set to block in the global access policy. If I go into the access policy shown and select Exclude from policy, will the user still be blocked from getting to example.com? I ...
