Netskope Help

Create Fingerprint Rules

DLP Fingerprints enable you to protect confidential information by generating a unique DNA (classification) for sensitive files. To create a fingerprint, first create an archive of sensitive files that contain the types of data you want to protect. The contents of these files are used to find sensitive data. A DLP policy then uses the classification in a rule to capture variants or modified versions of your classified sensitive data.

To create a fingerprint:

  1. Go to Policies > Profiles > DLP, hover over Edit Rules, and then click Fingerprint Classification.

  2. Select Fingerprints, and then click New Fingerprint.

  3. Enter a fingerprint name and click Save.

  4. Click Apply Changes, add a short description, and then click Apply.

  5. Locate the fingerprint you just created and click the adjacent menu icon (ellipsis), then click the Upload Fingerprint icon.

    Note

    You can also upload the document archive of your sensitive files from your Secure Forwarder to the cloud tenant. For information, see Upload Fingerprint from Secure Forwarder.

  6. Click Select File. Locate and select the document archive of your sensitive files.

  7. Click Open, and then click Upload.

  8. Click Apply Changes, add a short description, and then click Apply.

Upload Fingerprint from Secure Forwarder

You can upload your archive of sensitive files from your Secure Forwarder to the Netskope Cloud.

  1. Using the nstransfer account, transfer the fingerprint file to the pdd_data directory on the Secure Forwarder:

    scp <fingerprint_file> nstransfer@<secure_forwarder_host>:/home/nstransfer/pdd_data

    The location of the pdd_data directory varies between the nstransfer and nsadmin user accounts. When using the nstransfer account to copy the file to the appliance, the location of the pdd_data directory is /home/nstransfer/pdd_data. When you log in to the appliance using the nsadmin account, the pdd_data directory is located at /var/ns/docker/mounts/lclw/mountpoint/nslogs/user/pdd_data.

  2. After the file is successfully transferred, log in to the appliance using the nsadmin account.

  3. Run the following command at the Netskope shell prompt to upload the file to the Netskope cloud:

    request dlpfingerprint generate classification <fingerprint-classification> path /var/ns/docker/mounts/lclw/mountpoint/nslogs/user/pdd_data/upload/<file-name>

    The command returns:

    Process with pid 15642 for generating fingerprint has started
    Please use <request dlpfingerprint status> command for checking status

  4. Check the status of the upload:

    request dlpfingerprint status

    The command returns:

    Uploaded classification journal file
    Uploaded md5 classification journal file
    Uploaded fingerprint keys journal file
    Fingerprint generation complete (1/1)

Create Fingerprint Rules

  1. Go to Policies > Profiles > DLP, hover over Edit Rules, and then click Rules.

  2. Click New Fingerprint Rule. Under Settings, select the fingerprint you created previously, and then click Next.

  3. Set the threshold level, which determines how much of the sensitive content in the archive needs to match files being scanned for policy violations. The recommended default value is 70%. Click Next.

  4. Enter a name for this fingerprint rule and click Save.

  5. Click Apply Changes, add a brief description, and then click Apply.

  6. When creating a DLP profile, the fingerprint rule can be selected on the Rule or Classification screen of the DLP Profiles workflow.
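
The threshold set in step 3 is easier to reason about with a toy model. The following is an added example, not Netskope code: it assumes a fingerprint is a set of hashed 4-word shingles and that the score is the share of the fingerprinted text's shingles found in the scanned file. The product's actual algorithm is not described on this page, and the sample texts are constructed.

```python
import hashlib
import re

SHINGLE_WORDS = 4   # assumed shingle size for this sketch, not a Netskope setting
THRESHOLD = 0.70    # the 70% default recommended in step 3


def shingles(text, k=SHINGLE_WORDS):
    """Hash every k-word window of text, ignoring case and punctuation."""
    words = re.findall(r"[a-z0-9]+", text.lower())
    windows = [words[i:i + k] for i in range(max(len(words) - k + 1, 0))]
    return {hashlib.sha256(" ".join(w).encode()).hexdigest() for w in windows}


def match_score(fingerprint, scanned_text):
    """Share of the fingerprinted document's shingles present in scanned_text."""
    if not fingerprint:
        return 0.0
    return len(fingerprint & shingles(scanned_text)) / len(fingerprint)


def violates(fingerprint, scanned_text, threshold=THRESHOLD):
    """True when enough of the sensitive content appears in the scanned file."""
    return match_score(fingerprint, scanned_text) >= threshold


# Constructed sample texts (not real data).
SENSITIVE = ("Project Falcon acquisition terms: purchase price is 42 million "
             "dollars, closing date is 30 June, and the board vote remains "
             "confidential until the public announcement.")
EDITED = ("FYI, forwarding the draft. Project Falcon acquisition terms: "
          "purchase price is 45 million dollars, closing date is 30 June, and "
          "the board vote remains confidential until the public announcement.")
EXCERPT = "Reminder: closing date is 30 June, and the board vote remains confidential."
UNRELATED = "Lunch menu for Friday: soup, salad, and the usual sandwiches."

if __name__ == "__main__":
    fp = shingles(SENSITIVE)
    for name, text in [("edited", EDITED), ("excerpt", EXCERPT), ("unrelated", UNRELATED)]:
        print(f"{name:10s} score={match_score(fp, text):.2f} violation={violates(fp, text)}")
```

In this model, lowering the threshold catches shorter excerpts such as EXCERPT, at the cost of more matches on wording that sensitive and non-sensitive files share.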