Previous Topic: Local Drives Listed As Network Drives Over RDCNext Topic: Detecting URLs in Network Events

Policy GuideProtecting Data at the Network BoundaryDetecting URLs in Traffic Crossing the Network Boundary

Detecting URLs in Traffic Crossing the Network Boundary

You can use the NBA to apply policy to network traffic originating from specific URLs. For example, you may want to capture all Facebook traffic, but only capture traffic from other URLs if the communication breaches your corporate regulations.

Note: Network events can include file uploads, comments posted to a web site, and page requests submitted to a web server.

How does CA DataMinder Detect URLs?

  1. When the NBA analyzes files crossing the network boundary, the NBA stores URL details with the event metadata.

    For HTTPGET, HTTPPOST, and HTTPURL events, the NBA writes the URL as an attribute into the network event's XML metadata.

  2. The NBA passes the network event and the XML metadata to a policy engine for analysis.
  3. Policy engines apply Data in Motion triggers to network events captured by the NBA.
  4. The Data In Motion triggers use XML data lookup commands to detect specific URLs in the metadata of transmitted files and other network events. If a specific URL is detected, the trigger fires.

    You must configure the Data In Motion triggers to use suitable XML data Lookup commands.