Help Center
Quick Start
- System requirements
- Minimum privileges required
- Default port configuration
- Installing DataSecurity Plus
- Uninstalling DataSecurity Plus
- Starting DataSecurity Plus
- Launching DataSecurity Plus
- Configuring your solution
- Licensing details
- Applying a license
File Auditing
- About File Auditing
- Domain configuration
- File server configuration
- Failover cluster configuration
- Workgroup configuration
Setting up File Audit
Dashboard
Reports
Alerts
Configuration
Storage Configuration
Endpoint DLP
- About Endpoint DLP
Setting up Endpoint DLP
Reports
Alerts
Prevention policies
Configuration
File Analysis
- About File Analysis
Setting up File Analysis
Dashboard
Reports
Alerts
Configuration
Data Risk Assessment
- About Data risk assessment
Setting up Data risk assessment
Dashboard
Reports
Alerts
Configuration
Cloud Protection
- About Cloud Protection
- Gateway Server Configuration
- Certificate Authority Configuration
- Gateway Configuration in Endpoint
- Manage Certificate Trust Store
- Threat Analytics Database
- Manage Banned Applications
- Manage Authorized Applications
- Global Insight
- Application Insight
- User Insight
- Shadow Application Insight
- Banned Application Insight
- Cloud Access Reports
- Application Reports
- Shadow Cloud Application Reports
- Banned Cloud Application Reports
- File Upload Reports
Setting up Cloud Protection
Dashboard
Reports
Storage Configuration
Administrative settings
- Technician configuration
- Email configuration
- Notification filters
- Manage agent
- SIEM integration
- Business hours configuration
General settings
About DataSecurity Plus
Release notes
2020
2019
2018
2017
2016
2015
Troubleshooting
Contact usPolicy
DataSecurity Plus uses predefined policies to identify endpoint security vulnerabilities in real time.
You can monitor the following security policies using the Endpoint DLP solution:
Data Leak Prevention
Block files containing business-critical data from leaving the network via USBs and email.
File Activity Monitoring
Audit accesses and changes made to files in workstations.
File Copy Auditing
Audit file copy actions by users both within workstations as well as to external storage devices.
File Integrity Monitoring
Detect and respond to unauthorized changes made to sensitive files by users.
Potential Malware Intrusion
Detect potential malware by receiving alerts when safe threshold limits are breached.
Removable Device Auditing
Audit the use of USBs and other removable storage devices.
Sensitive File Activity Monitoring and Response
Receive reports on user activities in files containing sensitive data such as PII and ePHI.
Follow the steps below to modify the predefined policies:
- Click the Endpoint tab. Go to Configuration > Settings > Policy.
- Select the edit icon next to a predefined policy to modify it.
- Add or remove rules configured under Audit Profiles and Alert Profiles.
- Click Save.
To create new audit or alert policies, follow the below steps:
- Click the Endpoint tab. Go to Configuration > Settings > Policy Configuration.
- Click + Add Policy at the top-right corner.
- Name the policy and include an appropriate description.
- Choose the endpoints that it applies to.
- Choose the Audit Profiles and Alert Profiles that you want to add.
Example: If you want to block sensitive file movements to USB devices, choose the Data Leak Prevention - USB alert profile.
- Click Save.
Default audited folders list
The following folders and shares are audited by default in endpoint devices:
- *OSDIR*\Program Files
- *OSDIR*\Program Files\Internet Explorer
- *OSDIR*\Program Files\Common Files
- *OSDIR*\Program Files (x86)
- *OSDIR*\Program Files (x86) \Common Files
- *OSDIR*\ProgramData
- *OSDIR*\Windows
- *OSDIR*\Windows\System32
- *OSDIR*\Windows\System32\Drivers
- *OSDIR*\Windows\System32\Drivers\etc
- *OSDIR*\Windows\System32\Sysprep
- *OSDIR*\Windows\System32\wbem
- *OSDIR*\Windows\System32\WindowsPowerShell\v1.0
- *OSDIR*\Windows\Web
- *OSDIR*\Windows\SysWOW64
- *OSDIR*\Windows\SysWOW64\Drivers
- *OSDIR*\Windows\SysWOW64\wbem
- *OSDIR*\Windows\SysWOW64\WindowsPowerShell\v1.0
- *OSDIR*\Boot
- *OSDIR*\Perflogs
- *OSDIR*\Users\All Users\Microsoft\Windows\Start Menu\Programs\Startup
- *OSDIR*\Users\Public
- *OSDIR*\Users\*\AppData\Local
- *OSDIR*\Users\*\AppData\Local\Temp
- *OSDIR*\Users\*\AppData\LocalLow
- *OSDIR*\Users\*\AppData\Roaming
- *OSDIR*\Windows\Scripts
- *OSDIR*\Windows\System
- *OSDIR*\Windows\System32\GroupPolicy\Machine\Scripts\Startup
- *OSDIR*\Windows\System32\GroupPolicy\Machine\Scripts\Shutdown
- *OSDIR*\Windows\System32\GroupPolicy\User\Scripts\Logon
- *OSDIR*\Windows\System32\GroupPolicy\User\Scripts\Logoff
- *OSDIR*\Windows\System32\Repl
- *OSDIR*\Users
Don't see what you're looking for? Ask the Community