What To Do? Actions

What To Do? actions determine the outcome of content rules. They specify how the Gateway should handle content that has been detected.

Each content rule operates with a principal What To Do? action called a Primary Action. For example, in a Detect Virus content rule, the Primary Action might be Continue to the next rule.

To find out more about configuring Primary Actions, see Working with Primary Actions

Each policy route also has a specified Primary Action which applies when none of the attached content rules are triggered.

You can add additional What Else To Do? actions to a content rule. For example, in addition to holding or blocking a virus, you might want to Generate an Inform to notify an administrator.

Tell me about...

Generate an Inform

The Generate an Inform action sends a notification email to specified recipients to inform them of the actions taken during Gateway message processing. For example, you can automatically inform an individual that the Gateway detected a threat, such as a virus, in an email.

To configure a Generate an Inform action:

Specify the conditions required for the inform to be sent:
- If the "What to Look For?" conditions are met
- If the conditions are met AND the disposal action is performed
- If the conditions are met BUT the disposal action is not performed

Select an inform from a list of available templates and customize the content.

To create a new inform template, select (Create a new inform) from the drop-down menu and Save your changes. The inform is displayed as Using the template: 'Inform for [content rule name]'. Click the template name to modify the Inform.

Specify the recipients who will receive the inform message:
- Server Administrator: The system administrator.
- This email address: An email address that you specify.

Using Informs with an IG Server

If you are using an IG Server, you can also copy the inform to document owners so that document owners who have registered documents on the IG Server can be notified of policy violations.

Using informs with the Check Registered Data content rule when alerting Information Governance policy matches

To lessen the chances of an unauthorized user having access to personal and confidential information provided by a Gateway inform, we recommend that if an inform is configured to be sent to anyone other than an IGS Compliance Officer, you take the following steps:

Do not include the original or modified message, or textual analysis results
Keep the inform message subject and body short with only minimum information
Inform tokens act as substitutions for variables such as URL or the message sender. You should use the minimum number of inform tokens when configuring an inform, ideally %DATE%, %SENDER%, %UNIQUEID% and %DOC_NAME% only. Do not use inform tokens that could expose content of the email, for example %RCPTS% and %SUBJECT%. For a full list of inform tokens that you can use for IG Server queries, see Using Tokens in Content Rules and Policy References.

You should also consider configuring separate Informs for Compliance Officers and other IGS roles. You can then configure the Compliance Officer Inform to provide more information.

What To Do? Actions

Tell me about...

See also...