Symantec DLP 15.1 provide next level of integration with ICT 15.1 thus, we can get taxonomy structure from ICT to DLP console. To accomplish this integration we have to perform the following steps both in ICT and DLP;
-
Install Admin Web Service component into the ICT Server. ICT AppPool used for other ICT components, copy webconfig.ini from Administration, enable only Windows Authentication.
-
Check the following URL http://<ICTServer>/ict/Admin-Webservice/Classifications.asmx. Press "GetAllClassifications" then "Invke", be sure all classifaction levels are retrived in xml format.
o
-
From DLP Enforce Console >System >Settings >Information Centric Tagging configuration page the ICT Server user credential (user should have access to the ICT DB, too). Web Service URL ( http ://<ICTServer>/ict/Admin-Webservice/Classifications.asmx) and Sync Now. Be sure to that taxonomy retrieved successfully.
After successful DLP ICT integration, for preventing to share a non-classified document we need to write a policy in the Enforce Console, check the following steps;
-
Enforce Console > Manage > Policies > New > Add blank policy > Detection > Add Rule > Content Matches Classification then "Content is not classified" can be ed.
-
Add Group preferences
-
Add a response rule for prevention, preferably "Endpoint Block"
When the policy is ready, tests can be performed, you should see some outputs like below while you try to share a non-classified document via email.
