Configuring Forcepoint DLP policies by severity

After Risk-Adaptive DLP is enabled, Forcepoint DLP policies and action plans can be configured based on Dynamic User Protection severity.

Configure action plans in Forcepoint Security Manager on the Severity & Action tab of the page Policy Management > Manage DLP Policies > Policy Rule.

By default, Dynamic User Protection risk scores correspond to the following severity and risk levels in Forcepoint Security Manager. Severity can be configured as needed:

Dynamic User Protection risk score Dynamic User Protection risk level Forcepoint Security Manager risk level
0 None Level 1
1–39 Low Level 2
40–69 Medium Level 3
70–89 High Level 4
90–100 Critical Level 5

To ensure that your policy is correctly configured, verify that there is at least one Forcepoint DLP policy present for each channel monitored by Forcepoint DLP, including:

  • File Transfer – Removable Storage
  • File Transfer – Network Share
  • Email using Outlook (Windows)
  • Printing
  • Clipboard
  • Web