000032009 - RSA DLP policy with transmission attributes does not work on Cisco Ironport ESA

Document created by RSA Customer Support Employee on Jun 14, 2016Last modified by RSA Customer Support Employee on Apr 21, 2017
Version 2Show Document
  • View in full screen mode

Article Content

Article Number000032009
Applies ToRSA Product Set: DLP
RSA Product/Service Type: Policy
Platform: Cisco Ironport ESA
IssueAfter configuring a policy in Enterprise Manager with transmission attributes, the policy is pushed to the Cisco Ironport but does not get triggered when sensitive emails are sent that should have been caught by the policy.
This issue occurs when there are transmission attributes with multiple values separated by commas as the delimiter.
ResolutionCisco Ironport parses the list of values in transmission attributes considering semicolon as the separator/delimiter as opposed to the comma, which is used for DLP network devices.
Use semicolon as the separator/delimiter for the transmission attribute values and save the policy.
For example: the recipient list in the transmission attributes for Ironport policies should look like the example below.
To Recipient: *@emc.com;*@rsa.com;*@cisco.com