Open with table of contents

What To Do? Actions

What To Do? actions determine the outcome of content rules. They specify how the Gateway should handle content that has been detected.

You can add additional What Else To Do? actions to a content rule. For example, in addition to holding or blocking a virus, you might want to Generate an Inform to notify an administrator.

Tell me about...

• Generate an Inform

  The Generate an Inform action sends a notification email to specified recipients to inform them of the actions taken during Gateway message processing. For example, you can automatically inform an individual that the Gateway detected a threat, such as a virus, in an email.

  To configure a Generate an Inform action:

  1. Specify the conditions required for the inform to be sent:

     • If the "What to Look For?" conditions are met
     • If the conditions are met AND the disposal action is performed
     • If the conditions are met BUT the disposal action is not performed

  2. Select an inform from a list of available templates and customize the content.

     To create a new inform template, select (Create a new inform) from the drop-down menu and Save your changes. The inform is displayed as Using the template: 'Inform for [content rule name]'. Click the template name to modify the Inform.

  3. Specify the recipients who will receive the inform message:

     • Server Administrator: The system administrator.
     • This email address: An email address that you specify.

  Using Informs with an IG Server

  If you are using an IG Server, you can also copy the inform to document owners so that document owners who have registered documents on the IG Server can be notified of policy violations.

  Using informs with the Check Registered Data content rule when alerting Information Governance policy matches To lessen the chances of an unauthorized user having access to personal and confidential information provided by a Gateway inform, we recommend that if an inform is configured to be sent to anyone other than an IGS Compliance Officer, you take the following steps: Do not include the original or modified message, or textual analysis results Keep the inform message subject and body short with only minimum information Inform tokens act as substitutions for variables such as URL or the message sender. You should use the minimum number of inform tokens when configuring an inform, ideally %DATE%, %SENDER%, %UNIQUEID% and %DOC_NAME% only. Do not use inform tokens that could expose content of the email, for example %RCPTS% and %SUBJECT%. For a full list of inform tokens that you can use for IG Server queries, see Using Tokens in Content Rules and Policy References. You should also consider configuring separate Informs for Compliance Officers and other IGS roles. You can then configure the Compliance Officer Inform to provide more information.

See also...

• Content Rules
• Primary Actions
• About Informs
• Alert Settings
• Using Tokens