Data In Motion policy configuration does not work as expected
Document ID :
Last Modified Date :
Show Technical Document Details
CA Data Protection
CA Data Protection:Release:14.0
CA Data Protection:Release:14.1
CA Data Protection:Release:14.5
CA Data Protection:Release:14.6
CA Data Protection:Release:15.0
CA Data Protection:Release:15.1
CA Data Protection:Release:15.2
CA Data Protection Active Policy Management:DLPAPM
CA Data Protection Client Integration:DLPCLN
You can use the Client Network Agent (or 'network agent') to control web activity on endpoint computers. Specifically, the network agent can monitor HTTP and SSL/TLS (HTTPS) requests. This activity includes attempts to post files and comments to web sites or to submit form data. The network agent can apply policy to network activity in any browser and applies Data In Motion triggers.
Some users have noted that when they use CA Data Protection with a Data in Motion file trigger configured using the "Included Top Level File Names" setting the policy does not work as expected.
CA Data protection 14.x\15.x
This is working as designed CA Data Protection File Triggers work through exclusion rather than inclusion.
CA Data Protection can either
(1) Capture everything by using the "Included Top Level File Names" setting of "*"
(2) Capture everything by using the "Included Top Level File Names" setting of "*" but set a list of file types that can be safely ignored by defining the "Ignored Top Level File names"
(3) Set the "Which Top Level File List?" to "Use the Excluded list" and defining the "Excluded Top Level File Names". If you specify the Excluded list, all files trigger a control event unless the file is listed in the "Excluded Top Level File Names".
Was this information helpful?