Skip to content

How To Configure User Level DLP

This article provides steps to configure DLP at a granular level.

Pre-requisites

Currently Configuring the granular control on user level, prerequisites are:

  1. Taking putty of VPN server and inserting entries of user IDs for whom you want to Bypass the DLP rules.

  2. Requires the HySecure client version to be 5.1.4.7 or above for the settings to be applied.

  3. For HySecure Version 5230, 5360, 5299. However, you can add those users from management console also in 5299 version, but there is limitation for adding the same.

Steps

  1. Install / Upgrade the latest HySecure windows client on user machine where you want the Bypass list to work.

  2. Make sure that the blocking policy has been applied in HySecure VPN gateway from Client settings.

    1. Screenshot block

    2. Clipboard Block

    3. USB block

  3. Take putty of the Hysecure VPN and login with user "vpnsadmin"

    • Password has been shared by Accops team.

  4. Perform the following steps to add users to the DLP bypass list

    1. Type below commands in this:

      sudo nano /home/fes/public/verinfo.js

    2. Now press ctrl+w and type

      SECUREDESKTOPBYPASS

    3. Click on enter button and the cursor will go to SECUREDESKTOPBYPASSUSERLIST as shown in the image:

    4. Type the logon user names for whom you want to bypass the DLP rule

      Important

      • Please separate the usernames with comma (",") and make sure there is no comma in the end of userlist.

      • This is RISK based settings.

      • You can add or remove userID's from this list based on your requirement.

      • Make sure if you want this Bypass list to be applied, the Logon user names(USERID) are correct and exact.

      • By default no users are in Bypasslist. So, the DLP rule will get applied to all users.

    5. To save the changes that have been made Press Ctrl+O

    6. press enter after you get the prompt for saving the file with filename

    7. Now press Ctrl+X to exit from the file once all the changes are done.

    Important

    • Do not make any changes in the file name to write.

    • Make sure you do not make any other changes (such as adding space or enter or any other character on any other location by mistake) in this file or some other functionality of VPN gateway will get affected.

    • If unsure, please contact Accops support team for guidance.

    • To exit the verinfo.js File without saving changes made, press ctrl+x and type N so that no changes are saved into the file.

  5. For the Bypass settings to be applied, user will have to logoff and login on HySecure client once the gateway side changes are done.