Deletes the message that caused a policy violation.

If the check box is selected, the application deletes the message that violated the policy. A message is deleted if any part of the message (header, content, or any attachment) violates a policy.

If the check box is cleared, the application skips the message without changes.

Regardless of whether or not the check box is selected, when a policy is violated the application logs the event as a possible data leak and creates an incident.

The check box is cleared by default.

Assessment of the danger of a potential data leak.

This drop-down list lets you select the priority that the application assigns to an incident upon policy violation: Low, Medium, High. The priority reflects the degree of danger of policy violation and the urgency with which the incident must be processed.

The default value is Low.

A message copy is attached to incident information.

If the check box is selected, the application attaches a copy of the message that caused a policy violation to incident information for subsequent analysis.

If the check box is cleared, the application does not attach a message copy to incident information.

The check box is selected by default.

Adding of policy violation records to Windows Event Viewer.

If the check box is selected, the application records the following policy violation event in Windows Event Viewer: “Level=Warning; Source=KSCM8; Event ID=16000”. The event description contains information about the sender, the recipients, the message subject, about a violated policy and the associated category.

Events about a policy violation may be useful if you use automated systems for collection and analysis of security events (SIEM, Security Information and Event Management) to monitor the state of the organization's information security. Using these events you can obtain topical information on incidents that arise when you are not using the Management Console.

If the check box is cleared, events are not recorded in Windows Event Viewer.

The check box is cleared by default.

A policy violation notification is sent to the addresses of security officers.

If the check box is selected, upon a policy violation the application sends a violation notification to the address(es) of security officers. The address or list of addresses of security officers must be specified in advance in the Data Leak Prevention node.

If the check box is cleared, the application does not send notifications to security officers.

The check box is cleared by default.

Delivery of a policy violation notification to the message sender.

If the check box is selected, upon a policy violation the application sends a notification to the message sender with information about the violation.

If the check box is cleared, the application does not send a notification to the message sender.

The check box is cleared by default.

Delivery of a policy violation notification to the message sender's manager.

If the check box is selected, upon a policy violation the application sends a notification to the message sender's manager with information about the violation. The application retrieves the address of the sender's manager from Active Directory®.

If the check box is cleared, the application does not send a notification to the message sender's manager.

The check box is cleared by default.

Delivery of policy violation notifications to additional addresses.

If the check box is selected, upon a policy violation the application sends a violation notification to the additional addresses specified in the entry field.

If the check box is cleared, the application does not send a notification to additional addresses.

The check box is cleared by default.

List of additional addresses of notification recipients. Addresses in the list must be separated with a semicolon.

The field is active if the Additionally check box is selected.

This entry field is blank by default.