Defining Resources

Administrator Help | Forcepoint DLP | Version 8.6.x

In a policy, administrators can define:

Data sources and destinations

(With some subscriptions) The endpoint device or application that may be used

The remediation action to take when a violation is discovered (such as block or notify)

In Forcepoint DLP, these are cumulatively known as resources.


	Important If no resources are defined, the policies and rules apply to all users, computers, networks, devices, and so on in the deployment.

Select a resource type to define on the Main > Policy Management > Resources page in the Data Security module of the Forcepoint Security Manager. Resources are grouped into 3 general areas: General, Endpoint, and Remediation.

General resources

There are many possible sources (origins) and destinations of information in an organization. Define the following types of source and destination resources, then specify which to include and exclude in specific policies and rules.

User directory entries are users or groups that may be a source or destination of sensitive data. These entries are imported from your user directory.

Custom user directory groups are derived from custom LDAP queries, and may also send or receive sensitive data.

Custom users are not included in the user directory, but may be a source or destination of sensitive data.

Custom computers are not included in the user directory, but may be a source or destination of sensitive data.

Networks may be a source or destination of sensitive data.

Business Units may be a source or destination of sensitive data.

Domains may be a source or destination of sensitive data.

URL categories may be a source or destination of sensitive data.

Endpoint resources

These resources are only available to accounts with a Forcepoint DLP Endpoint subscription.

Endpoint Devices may be the source or destination of sensitive data.

Endpoint Applications may be a source or destination of sensitive data on endpoint machines.

Endpoint Application Groups may be a source or destination of sensitive data on endpoint machines.

Endpoint Printers may be a source or destination of sensitive data.

Remediation resources

Action Plans define the action to take when a breach is discovered.

Remediation scripts define the external script to run when a breach is discovered. (Not available with all subscriptions.)

Notifications can be sent to a specific person or email alias when a breach is discovered.