Create Fingerprint Rules

Create Fingerprint Rules

This feature requires Advanced DLP. Reach out to your account executive or support@netskope.com for more information.

DLP Fingerprints enable you to protect confidential information by generating a unique DNA (classification) for sensitive files. To create a fingerprint, first create an archive of sensitive files that contain the types of data you want to protect. The contents for these files will be used to find sensitive data. A DLP policy then uses the classification in a rule to capture variants or modified versions of your classified sensitive data.

To create a fingerprint:

  1. Go to Policies > Profiles > DLP, hover over Edit Rules, and then click Fingerprint Classification.
  2. Select Fingerprints, and then click on New Fingerprint
  3. Enter a fingerprint name and click Save.
  4. Click Apply Changes, add a short description, and then click Apply
  5. Locate the fingerprint you just created and click the adjacent menu icon (ellipses), then click the Upload Fingerprint icon.
    ClassificationUpload.png

    Note

    You can also upload the document archive of your sensitive files from your Virtual Appliance to the cloud tenant. For information, see Upload a Fingerprint File from a Virtual Appliance.

  6. Click Select File. Locate and select the document archive of your sensitive files.
  7. Click Open, and then click Upload.
  8. Click Apply Changes, add a short description, and then click Apply.

Upload a Fingerprint File from a Virtual Appliance

You can upload your archive of sensitive files from your Virtual Appliance to the Netskope Cloud.

  1. Using nstransfer account, transfer the fingerprint file to the pdd_data directory on the Virtual Appliance:
    scp <fingerprint_file> nstransfer@<virtual_appliance_host>:/home/nstransfer/pdd_data

    The location of the pdd_data directory varies between the nstransfer and nsadmin user accounts. When using the nstransfer account to copy the file to the appliance, the location of the pdd_data directory is /home/nstransfer/pdd_data. When you log in to the appliance using the nsadmin account, the pdd_data directory is located at /var/ns/docker/mounts/lclw/mountpoint/nslogs/user/pdd_data.

  2. After the file is successfully transferred, log in to the appliance using the nsadmin account.
  3. Upload the file to Netskope cloud. If your file name contains special characters, then you may need to use / or " " to escape the characters in the argument. To learn more: List of special characters to be escaped in command line argument.

    Run the following command at the Netskope shell prompt to upload the file:

    request dlpfingerprint generate classification <fingerprint-classification> path /var/ns/docker/mounts/lclw/mountpoint/nslogs/user/pdd_data/upload/<file-name>

    The command returns:

    Process with pid 15642 for generating fingerprint has started
    Please use <request dlpfingerprint status> command for checking status
  4. Check the status of the upload:
    request dlpfingerprint status

    The command returns:

    Uploaded classification journal file
    Uploaded md5 classification journal file
    Uploaded fingerprint keys journal file
    Fingerprint generation complete (1/1)

Create Fingerprint Rules

  1. Go to Policies > Profiles > DLP, hover over Edit Rules, and then click Rules.
  2. Click New Fingerprint Rule. Under Settings, select the fingerprint you created previously, and then click Next.
  3. Set the threshold level, which determines how much of the sensitive content in the archive needs to match files being scanned for policy violations. The recommended default value is 85%. Click Next.
  4. Enter a name for this fingerprint rule and click Save.
  5. Click Apply Changes, add a brief description, and then click Apply.
  6. When creating a DLP profile, the fingerprint rule can be selected on the Rule or Classification screen of the DLP Profiles workflow.

List of Special Characters to be Escaped in a Command Line Argument

When providing file names with special characters in a command line argument, you may need to use / or " " to escape the characters. The following table provides the list of special characters.

CharacterUnicodeName
`U+0060 (Grave Accent)Backtick
~U+007ETilde
!U+0021Exclamation mark
#U+0023 Number signHash
$U+0024Dollar sign
&U+0026Ampersand
*U+002AAsterisk
(U+0028Left Parenthesis
)U+0029Right Parenthesis
U+0009Tab
{U+007B Left Curly BracketLeft brace
[U+005BLeft Square Bracket
|U+007C Vertical LineVertical bar
U+005C Reverse SolidusBackslash
;U+003BSemicolon
'U+0027 ApostropheSingle quote
"U+0022 Quotation MarkDouble quote
↩U+000A Line FeedNewline
<U+003CLess than
>U+003EGreater than
?U+003FQuestion mark
U+0020Space
Share this Doc

Create Fingerprint Rules

Or copy link

In this topic ...