How to Prevent Sharing of the Unclassified Documents (DLP 15.1 & ICT 15.1 Integration)

Symantec DLP 15.1 provide next level of integration with ICT 15.1  thus,  we can get taxonomy structure from ICT to DLP  console. To accomplish this integration we have to perform the following steps both in ICT and DLP;

  1. Install Admin Web Service component into the ICT  Server. ICT AppPool used for other ICT components, copy webconfig.ini from Administration, enable only Windows Authentication.
  2. Check the following URL http://<ICTServer>/ict/Admin-Webservice/Classifications.asmx. Press "GetAllClassifications"  then "Invke",  be sure all classifaction levels are retrived in xml format.o
  3. From DLP Enforce Console >System >Settings >Information Centric Tagging configuration page the ICT Server user credential (user should have access to the ICT DB, too). Web Service URL (  http ://<ICTServer>/ict/Admin-Webservice/Classifications.asmx)  and Sync Now. Be sure to that taxonomy retrieved successfully.

After successful DLP ICT integration, for preventing to share a non-classified document we need to write a policy in the Enforce Console,  check the following steps; 

  1. Enforce Console > Manage > Policies > New > Add blank policy > Detection > Add Rule > Content Matches Classification  then "Content is not classified" can be ed.
  2. Add Group preferences
  3. Add a response rule for prevention, preferably "Endpoint Block"

When the policy is ready, tests can be performed, you should see some outputs like below while you try to share a non-classified document via email.