cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask the community

SMTP DLP

Go to solution
rfletcher
New Contributor III

‎05-24-2021 11:51 AM - last edited on ‎10-22-2021 02:45 PM by

Anyone using the new SMTP DLP functionality? If you are, how are you doing your alerting to users about blocking/intercepting emails? 

-Ryan
Labels:
1 Solution
Go to solution
sshiflett
Netskope
Netskope

‎05-24-2021 12:35 PM

The Netskope SMTP DLP functionality leverages an SMTP proxy and integrates with Office365, Gmail, or your MTA to perform alerting and user education.  When Netskope DLP detects a violation, we take the administrator specified action which is usually inserting a header.  You then configure Office365 or your MTA to take action based on this header.  The alerting can either come from a Netskope email alert that's triggered when the policy hits(screenshot below) or the MTA can alert the user when they take action.  The latter will be dependent on the MTA provider but if you have a specific one in mind I can check if we have a sample configuration.sshiflett_0-1621884875623.png

 


Sam Shiflett
Netskope Sales Engineer - North Florida

View solution in original post

3 Replies 3
Go to solution
sshiflett
Netskope
Netskope

‎05-24-2021 12:35 PM

The Netskope SMTP DLP functionality leverages an SMTP proxy and integrates with Office365, Gmail, or your MTA to perform alerting and user education.  When Netskope DLP detects a violation, we take the administrator specified action which is usually inserting a header.  You then configure Office365 or your MTA to take action based on this header.  The alerting can either come from a Netskope email alert that's triggered when the policy hits(screenshot below) or the MTA can alert the user when they take action.  The latter will be dependent on the MTA provider but if you have a specific one in mind I can check if we have a sample configuration.sshiflett_0-1621884875623.png

 


Sam Shiflett
Netskope Sales Engineer - North Florida
Go to solution
bob
Moderator
Moderator

‎05-24-2021 12:58 PM

Here is a demo I recorded of the Email DLP workflow for O365 Exchange https://resources.netskope.com/products-capabilities-data-protection/demo-email-dlp

As @sshiflett shared, the native support without an MTA relies on an email notification.

We have had requests for real-time user notifications and coaching pages. The SMTP proxy mechanism makes real-time pop-up notifications and coaching more difficult given that often times email is not consumed via a browser or even via a device that is steering Netskope traffic. The beauty of this approach is that it covers all ways email is accessed. It is just that the out-of-band nature of the approach makes real-time notifications difficult.

We will continue to look at ways to better incorporate additional notification mechanisms including leveraging the fact that you have a Netskope client.

Go to solution
rfletcher
New Contributor III
In response to bob

‎05-25-2021 03:22 AM

Thanks Bob. My issue with utilizing the netskope related alerts is they really lack in information to an end user. There's very little customizability in the notification with respect to email variables (subject, sender, recipient, action) and I'm currently exploring other options for notification to end users via our mailflow products since Microsoft isn't exactly helpful either in this case. 

-Ryan
0 Likes
Top Liked Authors
Show More

In order to view this content, you will need to sign in to your account. Simply click the "Sign In" button below

Sign In