Content-Aware Rule Examples
All users are denied the right to copy to devices (Floppy, Removable) and transmit over the network (over HTTP, FTP, SMTP, Web Mail) the following types of content: files containing credit card numbers, password-protected documents and archives, files containing Social Security numbers, and images containing a large amount of text.
1. In the console tree, expand DeviceLock Service, expand Devices, right-click Content-Aware Rules, and then click Manage.
2. In the Content-Aware Rules for Devices dialog box, under Content Database, click the drop-down arrow next to Add Group, and then click Document Properties.
3. In the Add Document Properties Group dialog box, do the following:
a) In the Name box, specify the name of the group, for example, Password-protected documents and archives.
b) Select the Password protected check box.
c) Click OK.
The new content group you created is added to the existing list of content groups under Content Database in the Content-Aware Rules for Devices dialog box. This group will be used to control access to password-protected documents and archives.
4. In the Content-Aware Rules for Devices dialog box, under Content Database, click the drop-down arrow next to Add Group, and then click Document Properties.
5. In the Add Document Properties Group dialog box, do the following:
a) In the Name box, specify the name of the group, for example, Images contain 70% text.
b) Select the Contains text check box and specify 70%.
c) Click OK.
The new content group you created is added to the existing list of content groups under Content Database in the Content-Aware Rules for Devices dialog box. This group will be used to control access to images containing a large amount of text.
6. In the Content-Aware Rules for Devices dialog box, under Content Database, click the drop-down arrow next to Add Group, and then click Complex.
7. In the Add Complex Group dialog box, do the following:
a) In the Name box, specify the name of the group, for example, Complex Group 1.
b) Click Add. In the Content Groups dialog box, select the following groups: Credit Card Number, Images, CAD & Drawing, Images contain 70% text, Password-protected documents and archives, and US Social Security Number.
You can select these groups simultaneously by holding down the CTRL key while clicking them.
c) Compose the following logical expression: US Social Security Number OR Password-protected documents and archives OR Credit Card Number OR Images, CAD & Drawing AND Images contain 70% text.
d) Click OK.
The new content group you created is added to the existing list of content groups under Content Database in the Content-Aware Rules for Devices dialog box. This group will be used to control access to files containing credit card numbers, password-protected documents and archives, files containing Social Security numbers, and images containing a large amount of text.
8. In the Content-Aware Rules for Devices dialog box, do the following:
a) Under Users, click Add. In the Select Users or Groups dialog box, in the Enter the object names to select box, type Everyone, and then click OK.
b) Under Users, select Everyone. Under Content Database, select the Complex Group 1 content group, and then click Add.
9. In the Add Rule dialog box, do the following:
a) Under Applies to, select the Permissions check box.
b) Under Device Type(s), select the Floppy and Removable check boxes.
c) Under Action(s), select the Deny check box next to Write.
d) Click OK.
10. In the Content-Aware Rules for Devices dialog box, click OK or Apply to apply the rule.
11. In the console tree, expand Protocols, right-click Content-Aware Rules, and then click Manage.
12. In the Content-Aware Rules for Protocols dialog box, do the following:
a) Under Users, click Add. In the Select Users or Groups dialog box, in the Enter the object names to select box, type Everyone, and then click OK.
b) Under Users, select Everyone. Under Content Database, select the Complex Group 1 content group, and then click Add.
13. In the Add Rule dialog box, do the following:
a) Under Applies to, select the Permissions check box.
b) Under Protocol(s), select the FTP, HTTP, SMTP, and Web Mail check boxes.
c) Under Action(s), select the Deny check box next to Generic: Outgoing Files and SSL: Outgoing Files.
d) Click OK.
14. In the Content-Aware Rules for Protocols dialog box, click OK or Apply to apply the rule.
