Technical Library
|
Support
Table of Contents
Overview
TRITON AP-DATA basics
TRITON AP-DATA appliances
TRITON AP-DATA databases
What can I protect?
Data classification
Managing TRITON AP-DATA
TRITON AP-WEB mode
TRITON AP-EMAIL mode
Navigating the System
TRITON AP-DATA's navigation and content panes
Main options
Settings options
Dashboard
Deploy button
Icons
Breadcrumbs
Check boxes
Pagination
Initial Setup
Entering your subscription key
Defining general system settings
Configuring user directory server settings
Setting up alerts
Setting up notifications
Configuring system modules
Configuring the protector
General tab
Networking tab
Local Networks tab
Services
Deploying your settings
Viewing Status
Viewing the Dashboard
Monitoring system health
Viewing endpoint status
Viewing mobile device status
Viewing deployment status
Viewing Incidents and Reports
The report catalog
Editing a report
General tab
Filter tab
Table Properties tab
Editing a trend report
Scheduling tasks
Scheduling a new task
Running a scheduled task now
Viewing the incident list
Previewing incidents
Managing incident workflow
Assigning incidents
Locking and unlocking incidents
Changing incident status
Changing incident severity
Ignoring incidents
Tagging incidents
Adding comments
Downloading incidents
Deleting incidents
Remediating incidents
Releasing incidents
Running remediation scripts on incidents
Escalating incidents
Emailing incidents to the manager of the person who generated the incident
Email incidents to another
Managing incident reports
Editing report filters
Editing table properties
Applying a column filter
Saving reports
Grouping incidents
Deleting incidents
Printing or exporting incidents to PDF
Tuning policies
Excluding source from rules
Disabling policies
Disabling rules
Data Loss Prevention reports
DLP dashboard
Top violated policies
User risk summary (all incidents)
User risk summary (data theft risk indicators)
Incident risk ranking
My cases
Violations by severity and action
Top sources and destinations
Incident trends
Incident status
Incidents by geographical location
Mobile devices reports
Top violated mobile policies
Top synced messages
Mobile PII violations
Mobile credit card violations
Discovery reports
Discovery dashboard
Sensitive data reports
Policies Overview
What's in a policy?
Viewing policies
Editing a policy
Update rules of current policy
Update exceptions of current rule
Update rules of multiple policies
Update exceptions of multiple rules
Delete policies
Policy levels
Adding a new policy level
Deleting a policy level
Rearranging policy levels
Selecting items to include or exclude in a policy
Configuring the Email Data Loss Prevention Policy
Configuring outbound and inbound attributes
Defining policy owners
Identifying trusted domains
Configuring the Web Data Loss Prevention Policy
Configuring Web attributes
Selecting Web destinations
Defining policy owners
Configuring the Mobile Data Loss Prevention Policy
Configuring attributes
Defining policy owners
Using Predefined Policies
Adding a predefined policy
Welcome
Regions
Industries
Finish
Policy list
Changing the policies you selected
Changing your industry or region
Creating Custom DLP Policies
Custom Policy Wizard - General
Custom Policy Wizard - Condition
Viewing or editing conditions and thresholds
Custom Policy Wizard - Severity & Action
Custom Policy Wizard - Source
Custom Policy Wizard - Destination
Rule Wizard - Finish
Selecting a content classifier
Patterns & Phrases
Properties tab
File Properties
Properties tab
Fingerprint
Properties tab
Machine Learning
Transaction Size
Number of Email Attachments
Number of Email Destinations
Managing rules
Adding exceptions
Rearranging exceptions
Adding a new exception
Exception Wizard - General
Exception Wizard - Properties
Exception Wizard - Severity & Action
Exception Wizard - Finish
Classifying Content
Details pane
Patterns & Phrases
Adding or editing a regular expression classifier
Adding a key phrase classifier
Adding a dictionary classifier
File properties
Adding a file-type classifier
Adding a file-name classifier
Adding a file-size classifier
Scripts
Editing a predefined script
File fingerprinting
File System Fingerprinting
File System Fingerprinting Wizard - General
File System Fingerprinting Wizard Root Folder
File System Fingerprinting Wizard - Scanned Files
File System Fingerprinting Wizard - Scheduler
File System Fingerprinting Wizard - File Filtering
File System Fingerprinting Wizard - Export
File System Fingerprinting Wizard - Finish
SharePoint Fingerprinting
SharePoint Fingerprinting Wizard - General
SharePoint Fingerprinting Wizard Site Root
SharePoint Fingerprinting Wizard - Scanned Documents
SharePoint Fingerprinting Wizard - Scheduler
SharePoint Fingerprinting Wizard - File Filtering
SharePoint Fingerprinting Wizard - Export
SharePoint Fingerprinting Wizard - Finish
Domino Fingerprinting
Domino Fingerprinting Wizard - General
Domino Fingerprinting Wizard Server
Domino fingerprinting Wizard - Scanned Documents
Domino Fingerprinting Wizard - Scheduler
Domino Fingerprinting Wizard - Document Filtering
Domino Fingerprinting Wizard - Attachment Filtering
Domino Fingerprinting Wizard - Export
Domino Fingerprinting Wizard - Finish
Database fingerprinting
Connecting to data sources
Preparing for database fingerprinting
Creating a Data Source Name (DSN) in Windows
Creating a validation script
Selecting the data to fingerprint
How matches are counted
Creating a database fingerprint classifier
Database Fingerprinting Wizard - General
Database Fingerprinting Wizard - Data Source/Site
Database table
Salesforce site
CSV file
Database Fingerprinting Wizard - Field Selection
Salesforce site
Database Fingerprinting Wizard - Scheduler
Database Fingerprinting Wizard - Fingerprinting Type
Database Fingerprinting Wizard - Export
Database Fingerprinting Wizard - Finish
Imported fingerprinting
Import Fingerprint Wizard - Import Source
Import Fingerprint Wizard - Properties
Import Fingerprint Wizard - Scheduler
Import Fingerprint Wizard - Finish
Machine learning
Machine Learning Wizard - General
Machine Learning Wizard - Credentials
Machine Learning Wizard - Scanned Folders
Machine Learning Wizard - Scheduler
Machine Learning Wizard - Finish
Creating a rule from a content classifier
Defining Resources
Sources and destinations
User directory entries
Custom user directory groups
Custom users
Custom computers
Networks
Domains
URL categories
Business Units
Endpoint Devices
Endpoint Applications
Endpoint Application Groups
Endpoint Printers
Applying a column filter
Adding custom application groups
Remediation
Action Plans
Adding a new action plan
Remediation scripts
Adding a new remediation script
Notifications
Adding a new message
Creating Discovery Policies
Creating a discovery policy
Scheduling the scan
Performing file system discovery
Performing SharePoint discovery
Performing Domino discovery
Performing Box cloud discovery
Performing database discovery
Performing Exchange discovery
Performing Outlook PST discovery
Performing endpoint discovery
Viewing discovery status
Viewing discovery results
Updating discovery
Configuring discovery incidents
Copying or moving discovered files
Preparing and running the remediation scripts
Scheduling Discovery Tasks
Scheduling network discovery tasks
File System tasks
File System Discovery Task Wizard - General
File System Discovery Task Wizard - Networks
File System Discovery Task Wizard - Scanned Folders
File System Discovery Task Wizard - Scheduler
File System Discovery Task Wizard - Policies
File System Discovery Task Wizard - File Filtering
File System Discovery Task Wizard - Advanced
File System Discovery Task Wizard - Finish
SharePoint tasks
SharePoint Discovery Task Wizard - General
SharePoint Discovery Task Wizard - Site Root
SharePoint Discovery Task Wizard - Scanned Documents
SharePoint Discovery Task Wizard - Scheduler
SharePoint Discovery Task Wizard - Policies
SharePoint Discovery Task Wizard - File Filtering
SharePoint Discovery Task Wizard - Advanced
SharePoint Discovery Task Wizard - Finish
Box Cloud tasks
Box Cloud Discovery Task Wizard - General
Box Cloud Discovery Task Wizard - Permissions
Box Cloud Discovery Task Wizard - Scanned Accounts
Box Cloud Discovery Task Wizard - Scheduler
Box Cloud Discovery Task Wizard - Policies
Box Cloud Discovery Task Wizard - File Filtering
Box Cloud Discovery Task Wizard - Advanced
Box Cloud Discovery Task Wizard - Finish
Database tasks
Database Discovery Task Wizard - General
Database Discovery Task Wizard - Data Source Name
Database Discovery Task Wizard - Scheduler
Database Discovery Task Wizard - Policies
Database Discovery Task Wizard - Table Filtering
Database Discovery Task Wizard - Advanced
Database Task Wizard - Finish
Exchange tasks
Exchange Discovery Task Wizard - General
Exchange Discovery Task Wizard - Exchange Servers (online)
Exchange Discovery Task Wizard - Exchange Servers (local)
Exchange Discovery Task Wizard - Mailboxes
Exchange Discovery Task Wizard - Scheduler
Exchange Discovery Task Wizard - Policies
Exchange Discovery Task Wizard - Filtering
Exchange Discovery Task Wizard - Advanced
Exchange Discovery Task Wizard - Finish
Outlook PST tasks
Outlook Discovery Task Wizard - General
Outlook Discovery Task Wizard - Scanned Folder
Outlook Discovery Task Wizard - Scheduler
Outlook Task Discovery Wizard - Policies
Outlook Discovery Task Wizard - Filtering
Outlook Discovery Task Wizard - Advanced
Outlook Discovery Task Wizard - Finish
Domino tasks
Domino Discovery Task Wizard - General
Domino Discovery Task Wizard - Server
Domino Discovery Task Wizard - Scanned Documents
Domino Discovery Task Wizard - Scheduler
Domino Discovery Task Wizard - Policies
Domino Discovery Task Wizard - Document Filtering
Domino Discovery Task Wizard - Attachment Filtering
Domino Discovery Task Wizard - Advanced
Domino Discovery Task Wizard - Finish
Scheduling endpoint discovery tasks
Endpoint Discovery Task Wizard - General
Endpoint Discovery Task Wizard - Endpoints
Endpoint Discovery Task Wizard - Scheduler
Endpoint Discovery Task Wizard - Policies
Endpoint Discovery Task Wizard - File Filtering
Endpoint Discovery Task Wizard - Advanced
Endpoint Discovery Task Wizard - Finish
Viewing Logs
Viewing logs
Traffic log
System log
Audit log
General System Settings
Setting reporting preferences
Setting general preferences
Setting preferences for data loss prevention incidents
Setting preferences for discovery incidents
Setting preferences for mobile incidents
Backing up the system
Scheduling backups
Monitoring backups
Backup folder contents
Restoring the system
Exporting incidents to a file
Endpoints
Email Domains tab
Disk Space tab
Advanced tab
Mobile device settings
Remediation
Mail servers
Alerts
Setting general alert preferences
Setting up email properties
Editing outgoing mail server properties
Archive storage
Services
Linking Service
Importing URL categories
User directory settings
Adding a new user directory server
Rearranging user directory servers
Importing users
Scheduling import
Importing user entries from a CSV file
Archiving Incident partitions
Remote SQL Server machines
Archiving a partition
Restoring a partition
Deleting a partition
Archive threshold
Updating predefined policies and classifiers
Viewing your update history
Installing policy updates
Restoring policies to a previous version
Determining the policy version you have
Entering subscription settings
Subscription alerts
Configuring Authorization
Defining administrators
Viewing administrators
Editing administrators
Select Incidents
Select Policies
Select Business Units
Working with roles
Adding a new role
Customizing settings
Managing System Modules
Adding modules
Configuring modules
Configuring the management server
Configuring a supplemental TRITON AP-DATA Server
Configuring the fingerprint repository
Configuring the endpoint server
Configuring the crawler
Configuring the forensics repository
Configuring the policy engine
Configuring the optical character recognition (OCR) server
Adding or editing an OCR server
Configuring the protector
General tab
Networking tab
Local Networks tab
Services tab
Configuring ICAP
General tab
HTTP tab
FTP tab
Configuring the Web Content Gateway module
General tab
HTTP/HTTPS tab
FTP tab
Configuring the AP-EMAIL module
Configuring the Email Gateway module
Configuring the integration agent
Configuring the mobile agent
General tab
Connection tab
Analysis tab
Configuring the analytics engine
Configuring the TRITON AP-DATA Cloud App Security agent
Cloud services
Connecting to cloud services
Configuring protector services
Configuring SMTP
General tab
Traffic Filter tab
SMTP Filter tab
Mail Transfer Agent (MTA) tab
Encryption & Bypass tab
Configuring HTTP
General tab
Traffic Filter tab
HTTP Filter tab
Advanced tab
Configuring FTP
General tab
Traffic Filter tab
Configuring plain text
General tab
Traffic Filter tab
Advanced tab
Removing modules
Balancing the load
Defining load balancing distribution
Configuring Endpoint Deployment
Viewing and managing endpoint profiles
Configuring encryption for removable media
Adding an endpoint profile
General tab
Servers tab
Properties tab
Encryption tab
Rearranging endpoint profiles
Deploying endpoint profiles
Backing up encryption keys
Restoring encryption keys
Configuring endpoint settings
Monitoring endpoint removable media
Selecting endpoint destination channels to monitor
Bypassing endpoint clients
Updating the endpoint client
Using the endpoint client software
Troubleshooting
Problems and Solutions
Discovery
Endpoint
User name does not display on endpoint list in the TRITON Manager
Endpoint shield does not display on the client computer
Failed to deploy endpoint configuration
Fingerprinting
File has no fingerprint
Validation script timeout
No connectivity to fingerprint database
Other fingerprinting errors
Incidents
Cannot clear data out of Discovery Dashboard even when incidents are set to ignored
Event log shows audited events, but no incident is created
Incident export lacks Discovery incidents
NLP policy isn't being triggered, and events are undetected
Miscellaneous
Failed user directory import
Wrong default email address displays
Error 400, bad request
Invalid Monitoring Policy XML File
Performance
Discovery and fingerprinting scans are slow
Linking Service
Linking Service stops responding
System alerts that linking service is not accessible
Buttons in TRITON Manager tray return error
Online Help
Technical Support
How Do I...
Archive my incident data?
Configure a DLP policy?
Define an exception?
Filter incidents?
Fingerprint data?
Ignore sections of my document when fingerprinting?
Fingerprint specific field combinations in a database table?
Mitigate false positives in pattern or dictionary phrases?
Move from monitor to protect?
Perform discovery?
Glossary
Copyrights
Trademarks
Other Acknowledgments
Copyright 2016 Forcepoint LLC. All rights reserved.
