If external DLP scan is applied, the file is sent over the secure tunnel to the customer environment where it's relayed to the ICAP appliance for the DLP verdict: allowed/blocked. Architectureĭefender for Cloud Apps scans your cloud environment and based on your file policy configuration, decides whether to scan the file using the internal DLP engine or the external DLP. This guide provides the steps necessary for configuring the ICAP connection in Defender for Cloud Apps and the stunnel setup to secure communication through it. The stunnel setup provides TLS encryption functionality to your data as it travels between your DLP server and Defender for Cloud Apps. To secure ICAP for transmission of your data, it's required to set up a secure TLS tunnel (stunnel) between your DLP solution and Defender for Cloud Apps. Integration is accomplished by using the standard ICAP protocol, an http-like protocol described in RFC 3507. The platform exports easy-to-use interfaces including REST API and ICAP, enabling integration with content classification systems such as Symantec Data Loss Prevention (formerly Vontu Data Loss Prevention) or Forcepoint DLP. ![]() Microsoft Defender for Cloud Apps can integrate with existing DLP solutions to extend these controls to the cloud while preserving a consistent and unified policy across on-premises and cloud activities. ![]() For more information about these changes, see Microsoft Defender for Cloud Apps in Microsoft 365 Defender. It improves your operational efficiency with better prioritization and shorter response times which protect your organization more effectively. ![]() Microsoft 365 Defender correlates signals from the Microsoft Defender suite across endpoints, identities, email, and SaaS apps to provide incident-level detection, investigation, and powerful response capabilities. Microsoft Defender for Cloud Apps is now part of Microsoft 365 Defender and can be accessed through its portal at.
0 Comments
Leave a Reply. |