|
|
|
CA DLP needs to map email addresses onto individual users for ‘multiple participant’ events. Specifically, address mapping is used by the following CA DLP features to associate imported emails and IM conversations, and emails captured on an Exchange or Domino server, with specific CA DLP users:
Before a policy engine (PE) can apply policy triggers to an intercepted email, it needs to map the sender’s email address to a CA DLP user. The mapping identifies the email owner and determines which policy to apply.
If the PE is unable to map an email address to an existing CA DLP user, the following machine policy settings determine which policy is applied:
Before CA DLP can evaluate control triggers based on user attribute (userattr) lookup commands, it must map the recipients of an outgoing e‑mail (or the sender of an incoming email) onto CA DLP users. It can then evaluate the lookup command, comparing the attributes of the recipients (or the sender of an incoming email) against the test criteria.
If the lookup command is unable to map a recipient onto an existing CA DLP user, the command typically evaluates to False so the trigger does not activate. For full details about user attribute lookup commands, see the Administration console online help; search the index for ‘data lookup, User Attribute lookup’.
Unlike in previous versions of CA DLP, Event Import does not assign emails or IM conversations directly to owners. Instead, it identifies ‘event participants’ and associates an e‑mail address with each participant. Under normal conditions, address mapping is not required while an import job is running. Instead, it is used subsequently to associate imported events with specific CA DLP users during event searches.
However, address mapping is used during an import job if a ‘user attribute’ filter is specified. This enables import jobs to exclude or only include all e‑mail or IM conversations associated with CA DLP users who have specific account attributes.
Import Policy provides a mechanism for applying policy triggers to imported emails directly before they are stored in the CMS. For import policy jobs, address mapping is not used during the import phase. Instead, address mapping is used by the policy engines to determine which policy to apply.
| Copyright © 2011 CA. All rights reserved. | Email CA Technologies about this topic |