Configuring Forcepoint DLP policies by severity
After Risk-Adaptive DLP is enabled, Forcepoint DLP policies and action plans can be configured based on Dynamic User Protection severity.
Configure action plans in Forcepoint Security Manager on the Severity & Action tab of the page Policy Management > Manage DLP Policies > Policy Rule.
By default, Dynamic User Protection risk scores correspond to the following severity and risk levels in Forcepoint Security Manager. Severity can be configured as needed:
Dynamic User Protection risk score | Dynamic User Protection risk level | Forcepoint Security Manager risk level |
---|---|---|
0 | None | Level 1 |
1–39 | Low | Level 2 |
40–69 | Medium | Level 3 |
70–89 | High | Level 4 |
90–100 | Critical | Level 5 |
To ensure that your policy is correctly configured, verify that there is at least one Forcepoint DLP policy present for each channel monitored by Forcepoint DLP, including:
- File Transfer – Removable Storage
- File Transfer – Network Share
- Email using Outlook (Windows)
- Printing
- Clipboard
- Web