Content rule templates

Content rules are applied to policy routes to provide specific instructions about what the security policy is looking for, and what to do when it triggers. When you create a content rule, you must select a Content Rule Template on which to base your rule.

Content rules look for conditions that match the What To Look For? clauses and apply the What To Do? actions that have been configured.

Choose your content rule template carefully, as it determines which What To Look For? clauses are included.

You can change the suggested What To Do? actions and add additional actions if required.

Clearswift Gateway provides the following Content Rule templates:

ICAP Gateway

Template	What the rule does...	What to Look For? clauses	Default What to Do? Actions
All Traffic	Allows all traffic.	Always Trigger the Rule	Allow the communication
Analyze Properties	Analyzes document properties for specific lexical expressions.	Analyze Properties, Direction, Which Media Types, Size Restriction	Allow the communication
Check Registered Data	Detects data that been has registered on the Information Governance Server.	Which Media Types, Classification LevelThe Classification Level specifically relates to values that are assigned to items that have been registered on an IG Server. The disposal action will trigger where content passing through the Gateway is matched to content registered on the IG Server, and where the Classification level for the item as set on the IG server is equal or exceeds the level set on the Gateway. If this value is set to 0 on your Gateway, matches to any IG registered items will trigger the disposal action., Direction	Allow the communication
Detect Active Content	Detects active content (such as macros) in selected media types.	Which Media Types	Allow the communication
Detect Filenames	Detects and processes selected filenames based on Filename Lists.	Filename, Direction	Allow the communication
Detect Lexical Expression	Detects and processes unacceptable lexical expressions in selected media types. Note: If you want to scan scripts in the content, select the Scan Embedded Script option and use the Which Media Types clause to include a selection of media types.	Lexical Expression, Which Media Types, Size Restriction, Direction	Allow the communication
Detect Media Types	Detects and processes selected media types.	Which Media Types, Size Restriction Filename, Direction	Allow the communication
Detect Spyware Call Home	Detects spyware attempting to call home from inside the organization.	Spyware Call Home	Allow the communication
Detect Tracking Cookie	Detects cookies that track spyware.	Tracking Cookie Detection	Allow the communication
Detect Virus	Detects viruses.	Virus Detection in Which Media Types	Continue to the next rule Note: We recommend changing this default behavior before applying the Detect Virus rule to your policy.
Download Size Restriction	Applies a user-specified limit to the size of files that can be downloaded.	Download Size Restriction	Allow the communication
Processing of request or response fails	Detects request or response failures of the policy engine.	Request or response has failed to be processed	Allow the communication
Real-time Categorization	Detects content that might not be categorized in Internet zones.	Real-time Categories	Continue to the next rule
Redact Text	Detects unacceptable lexical expressions in selected media types. Attempts to redact content.	Lexical Expression, Which Media Types, Size Restriction, Direction	Redact/Continue (if successful) Allow the communication
Remove Tracking Cookie	Detects and removes spyware-tracking cookies.	Tracking Cookie Detection	Remove the cookie
Safe Search Filtering	Removes explicit or unacceptable content from search engine results.	Search Request Detection	Filter explicit images and video from search site results
Sanitize Active Content	Detects active content (such as macros) in selected media types. Attempts to sanitize content.	Which Media Types, Direction	Sanitize/Continue (if successful) Allow the communication (if unsuccessful)
Sanitize Document Content	Detects meta data and document properties in selected document areas and selected media types. Attempts to sanitize content.	Document properties, Document content, Which Media Types Direction	Sanitize/Continue (if successful) Allow the communication (if unsuccessful)
Size Bypass	Excludes content scanning of file transfers that are larger than a user-specified restriction.	Data Transfer Restriction	Bypass content checks
Structural Validation	Checks for appended data in certain format types. Note: Due to the use of validation images, Structural Validation is not supported for MSN Hotmail.	Always Trigger the Rule	Allow the communication (if unsuccessful)

Content rule templates

See also...