How to achieve Print Screen Block Policy for RDP in the FSM/DLP
Part.1
How to create:: Block RDP print screen capture condition.
a. Under Policy management/Resource/Endpoint application/MSTSC
under MSTSC Select permit or block and deploy.
b. Under Policy management/Resource/ Endpoint application group/ create new group RDP block and in edit option add this mstsc.
c. Now you can apply these conditions to the particular policy, Hostname, Particular user.
Part.2
1.under Policy management > Dlp policies >Manage policies > Add > Custom Policy.
2. Give condition to a.Monitor all the activities.
b.Couple of conditions such as file properties, fingerprinting..etc according to customer requirement.
3. Give Severity & Action as Severity-Medium Action plan-Block all.
4. We can mention Source as a bunch of users or all users.
5. Provide the Destination as the Endpoint Applications
6.Under Endpoint Applications edit and add the Predefined condition, which we created to block the RDP print screen capture(Part.1)
Related Articles
DLP endpoint applications monitoring
https://www.websense.com/content/support/library/endpoint/v85/dlp_apps/Endpoint%20apps.pdfDLP AD import failed
We have stopped and disabled the below services. Websense Data Security Manager Server Websense Data Security Message Broker Websense Data Security Batch Server Websense Data Task Scheduler Websense Data Policy Engine Ran the below SQL queries, ...Troubleshoot Crypto Key errors for DLP
Fix cryptokeys issues with below steps: 1. Login FSM Server with Service Account. 2. Open ca.cer from %dss_home% in a notepad copy the key from end of the file. Example: ...Crypto tool Error in DLP
> Login DSS manager server with service account credentials Run > Cmd > Run as administrator cd %dss_home% Cryptotool.exe -k 2 -g (This screenshot helps me to check what was broken, machine.key or ep_cluster.key or ...Used cases demonstrated for Endpoint DLP POC
The used cases deployed during the POC.