Topic: «White listing of http sites»
Hopefully this is a simple question. http auditing and shadowing for outbound files is turned on. DL seems to capture a number of outbound transfers to some of our internal servers such as MS Exchange address books from Outlook. In the shadow log viewer in the server, the "File Name" looks something like,
So, I created some white list entries for the http protocol, yet the traffic continues to be captured and shadowed. Examples of white list entries I created:
exchsvr, ports 1-65535
exchsvr.domain.local ports 1-65535
*.domain.local ports 1-65535
<IP Address of server>, ports 1-65535
None of these have successfully blocked logging of outbound http files to this server.
|Posted: 03/24/2011 01:15:47|
Forwarding to tech support, ticket number 17730.
This is incorrect functionality, whitelisted protocols should not be audited/shadowed by default.
However, in future versions an option will be added, enable or disable shadowing for protocols in white list.
|Posted: 03/25/2011 12:50:47|