Domino Fingerprinting Wizard - General

Forcepoint DLP can fingerprint documents stored in an IBM Domino data management system.

Domino environments normally consist of one or more servers working together with data stored in Notes Storage Format (NSF) files. There are usually many NSF files on a Domino server. Each entry in the NSF may have a title, one or more body fields, and attachments. For example:

  • An NSF for email might have the fields: subject, to, from, bcc, body, and attachment.
  • An NSF for inventory management might have the fields: catalog number, title, description, and expiration date.

A fingerprinting task treats the body of a document and each of its attachments as a separate item. This enables the system to show the full path down to the item inside a document that caused a breach.

Use the General page of the Domino fingerprinting wizard to name the classifier and configure its high-level properties:

Steps

  1. Enter a Name for the files you are fingerprinting, such as “finance documents.”
  2. Enter a Description of this set of documents.
  3. Use the Crawler drop-down list to elect which crawler to use to perform this fingerprinting.
    • The crawler is the agent that scans documents looking for sensitive data. There may be several in a network if there are many documents to manage.
    • Typically, it is best to select the crawler closest in proximity to the file folder or Domino server.
  4. Under Fingerprinting Mode, select which type of fingerprinting to perform:
    • Select Sensitive content to identify the content files and documents to fingerprint.
    • Select Ignored section to identify parts of secured documents that the system should not analyze. This might include disclaimers, copyrights, and logos.

      Ignored sections are immediately enforced for every fingerprint. It is not necessary to add Ignored Section classifiers to a rule or policy. The classifier filters out files that are being fingerprinted before they’re fingerprinted.

  5. Under Fingerprinting Method:
    • Select Content similarity to look for similarities between the scanned content and the file. This method provides greater security, because it detects sections of the document as well as exact file matches.
    • Select Exact match to find only exact matches (the scanned content matches the binary signature for the entire file). This method is quicker, but will not find a match if even 1 character in the file is changed.

    For large directory structures with many files, Forcepoint recommends you initially set up an exact match classifier for immediate protection, then go back and change it to content similarity.

  6. Click Next to continue. See Domino Fingerprinting Wizard - Server section.