Policy Guide › Detecting Fingerprinted Files › Policy Changes to Detect Fingerprinted Files

Policy Changes to Detect Fingerprinted Files

To enable CA DLP to detect and control fingerprinted files, you need to edit triggers in your user policies. Specifically, you need to assign content agents to specific triggers and ensure that these triggers have distinctive names and, typically, an appropriate policy class.

To set up a content agent trigger

After setting up your content agents and building the content indexes, you must assign the agents to triggers in your user policies. These triggers fire when they detect a file that matches a fingerprint in the content agent's index.

You also need to give these triggers distinctive names and, typically, an appropriate policy class. This enables reviewers to easily search for fingerprinted files captured or blocked by CA DLP.

1. In the Administration console, right-click a user or group and choose Edit Policy.
2. In the User Policy Editor, select the trigger you want.

   For email and Web triggers, you can only assign content agents to a Content Agent trigger.

   For Data In Motion and Data At Rest triggers, you can assign content agents to any trigger.

3. (Data In Motion triggers and Data At Rest triggers only) Edit the Use Content Agents For Files? trigger setting. Set this to 'Use content agents to analyze text content'.
4. Edit the Which Content Agents? trigger setting and add the content agents that you want to associate with this trigger.
5. Edit the Trigger Name and Policy Class settings as required.
6. Reviewers will search for 'fingerprint events' using these trigger names and policy classes.