Profile settings
This page lists the advanced settings available when configuring a predefined or custom DLP profile.
Match count refers to the number of times that any enabled entry in the profile can be detected before an action is triggered, such as blocking or logging. For example, if you select a match count of 10, the scanned file or HTTP body must contain 11 or more matching strings. Detections do not have to be unique.
Context analysis restricts detections based on proximity keywords to prevent false positives. Proximity keywords must be detected within a distance of 1000 bytes (~1000 characters) from the original detection to trigger an context-aware detection. For example, the string 123-45-6789
will only count as a detection if in proximity to keywords such as ssn
.
DLP will apply context analysis to traffic and the content of supported files. Supported detections include the Financial Information and Social Security, Insurance, Tax, and Identifier Numbers predefined profiles.
You can exclude the content of files from context analysis while still applying context analysis to traffic. For example, if you send an email containing the string 123-45-6789
, DLP will only count a detection if the string is in proximity to keywords such as ssn
. If you include a file in an email containing the string 123-45-6789
, DLP will match a detection regardless of keywords.
To exclude file content from context analysis, in Exclude content type, choose Files.
Optical Character Recognition (OCR) analyzes and interprets text within image files. When used with DLP profiles, OCR can detect sensitive data within images your users upload.
OCR supports scanning .jpg
/.jpeg
and .png
files between 4 KB and 1 MB in size. Text is encoded in UTF-8 format, including support for non-Latin characters.