Whitelists

Whitelists are collections of items that you want the system to ignore.

You can whitelist content, devices, processes, and user groups.

Whitelists in data protection rules

You can specify whitelisted processes for clipboard and printer protection rules in the Policy Catalog Windows client configuration on their respective pages. You can specify whitelisted URLs on the Web Protection page. Because these whitelists are applied at the client, they work with all clipboard, printer, and web protection rules. Clipboard and printer protection rules ignore content produced by whitelisted processes. Web protection rules are not enforced on whitelisted URLs.

You can specify whitelisted processes for text extraction on the Content Tracking page. Depending on the definition, the text extractor does not analyze files or content fingerprinting opened by the specified application, or does not create dynamic fingerprints for web upload. The definition can specify specific folders and extensions, allowing granular control what is whitelisted. If no folder is named, the process is not monitored by application file access rules.

Whitelists in device rules

You can create whitelisted plug and play items in the DefinitionsDevice ControlDevice Templates page in the DLP Policy Manager.

Some plug and play devices do not handle device management well. Attempting to manage them might cause the system to stop responding or cause other serious problems. Whitelisted plug and play devices are automatically excluded when a policy is applied.

Note: Whitelisted plug and play definitions are not applicable on OS X operating systems.

The Exceptions tab in device control rules is defined by whitelists that are specific to the rule that contains them. The whitelists exclude the specified definitions from the rule.

  • Excluded Users — Used in all device rules
  • Excluded Device Definitions — Used in all device rules except Citrix and TrueCrypt
  • Excluded Processes — Used in plug and play and removable storage rules
  • Excluded Serial Number & User Pairs — Used in plug and play and removable storage rules
  • Excluded File names — Used in removable storage file access rules to exempt files such as anti-virus applications