System administrators enable data loss prevention (DLP) content scanning (SETTINGS > System > Content Scanning > DLP) at the MOVEit Transfer system level. Only one anti-virus (AV) and/or data loss prevention scanner per system is expected. MOVEit Transfer Organization Administrators can disable a currently configured DLP scanner at the individual organization level.
The DLP settings page allows administrative users to:
Enable or disable scanning for DLP policy violations for this organization
Create sets of rules called rulesets that apply actions when data submitted to a DLP scanner violates specific DLP policies configured for the scanner
Note: User classes may not be assigned to user groups.
Assign rulesets to user classes
Note: To assign a ruleset to an individual user, use the User Settings section of that user's User Profile page.
Enable for this Organization: Select Enabled to begin DLP scanning for the organization.
Action on Server Error: Block Content terminates the transmission and returns a violation if the ICAP connection times out or if the ICAP response indicates that the rules applied to the file content warrant this. Allow Content and Log allows the transmission to complete but logs the DLP event.
Edit User Class DLP Rulesets
After you have configured rulesets, you can select one to apply to a user class: Administrators, File Admins, Users or Temp/Guest Users.
[Ruleset dropdown list]: From the drop-down list select any previously defined ruleset. The default selection -none- does not filter the data for violations since it applies no rules. The selection is then applied to any new users configured for that class.
Change Ruleset: Applies the ruleset to all currently configured users in that user class. (Click Yes to confirm the change.)
Configure DLP Rulesets
In order to use DLP scanning, you must define rulesets and apply them to user classes or users.
Name: Name of existing ruleset. The Edit button allows you to change the ruleset. The Delete button allows you to delete a defined ruleset.
Add DLP Ruleset: Displays the Add DLP Ruleset page.
Add DLP Ruleset
The Add DLP Ruleset page allows you to define a ruleset.
Name: Name of the ruleset.
Description: Description of the ruleset.
Default Action: Action to invoke when one or more violations are found in the data by the DLP scanner, but none of the rules in the ruleset match the violations reported to MOVEit:
Block: Terminates transmission.
Quarantine: Upload will be allowed, but Download will not be allowed. Files will be tagged, and an audit log entry will be recorded indicating that the file violates one or more DLP policies. Files may be untagged later, at which point normal permissions will take effect.
Allow: Transfer (upload and download) will be allowed, and files will be tagged. An audit log entry will be recorded indicating that the file violates one or more DLP policies.
Add Ruleset: Displays the Edit DLP Rules section so you can specify one or more matches against DLP policies that will be applied.
Add/Edit DLP Rule
The Add/Edit DLP Rule page allows you to specify the mask and action for a DLP policy.
Policy Mask: Values entered that MOVEit uses when it scans the information returned from the DLP scanner to determine if there was a policy violation. Best practice is to use the asterisk wildcard on either side of a value so it matches a significant value within the response, for example *SSN*.
Important: This value must match a value in the response data returned by the DLP scanner. This is typically the name of the policy from the scanner. However, some DLP systems allow users to specify text to be returned, so the value might depend on how your DLP system is configured. For example, if you use *SSN* as the mask, and your scanner returns SSN as part of the data associated with that type of policy violation, MOVEit will apply the appropriate action for that violation.
Policy Action: Action to take if there is a violation of the policy.
Block: Terminates transmission.
Quarantine: Upload will be allowed, but Download will not be allowed. Files will be tagged, and an audit log entry will be recorded indicating that the file violates one or more DLP policies. Files may be untagged later, at which point normal permissions will take effect.
Allow: Transfer (upload and download) will be allowed, and files will be tagged. An audit log entry will be recorded indicating that the file violates one or more DLP policies.
Comment: Information pertinent to this particular policy mask.
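The decision logic described above (policy mask matching, per-rule Policy Action, the ruleset's Default Action, and the organization-level Action on Server Error) can be modelled as follows. This is an added illustration, not MOVEit Transfer code; it assumes masks are compared case-insensitively and that the most restrictive action wins when several rules match, neither of which the page states. The ruleset and scanner responses are constructed sample data.

```python
import fnmatch
from dataclasses import dataclass, field
from typing import List, Optional, Tuple

# Most restrictive action wins when several rules match (an assumption of
# this model; the page does not say how overlapping matches are resolved).
STRICTNESS = {"Allow": 0, "Quarantine": 1, "Block": 2}

@dataclass
class Rule:
    mask: str          # policy mask with * wildcards, e.g. "*SSN*"
    action: str        # "Block", "Quarantine" or "Allow"
    comment: str = ""

@dataclass
class Ruleset:
    name: str
    default_action: str   # used when violations exist but no mask matches
    rules: List[Rule] = field(default_factory=list)

def evaluate(ruleset: Ruleset, violations: Optional[List[str]],
             on_server_error: str = "Block Content"
             ) -> Tuple[str, bool, List[Tuple[str, str]]]:
    """Decide what happens to a transfer.

    violations: policy names/text returned by the DLP scanner for the file,
    or None if the ICAP exchange failed (timeout or error response).
    Returns (action, file_tagged, [(mask, violation), ...]).
    """
    if violations is None:
        # Scanner unreachable: the organization's Action on Server Error decides.
        return ("Block" if on_server_error == "Block Content" else "Allow"), False, []
    if not violations:
        return "Allow", False, []          # clean file, nothing to tag
    matches = [(r.mask, v) for r in ruleset.rules for v in violations
               if fnmatch.fnmatchcase(v.lower(), r.mask.lower())]  # assumed case-insensitive
    if not matches:
        action = ruleset.default_action    # violations found, no rule matched
    else:
        hit = [r.action for r in ruleset.rules if any(m == r.mask for m, _ in matches)]
        action = max(hit, key=STRICTNESS.__getitem__)
    # Block never stores the file, so nothing is tagged; Quarantine and Allow
    # keep the file, tag it and write an audit log entry.
    return action, action != "Block", matches

# Constructed sample ruleset (not real MOVEit configuration).
PII_RULESET = Ruleset("PII", default_action="Quarantine", rules=[
    Rule("*SSN*", "Block", "social security numbers never leave"),
    Rule("*Credit Card*", "Quarantine"),
    Rule("*Internal Memo*", "Allow", "tag for audit only"),
])
```

A scanner response of ["GDPR Personal Data"] matches no mask, so the ruleset's Default Action (Quarantine) applies and the file is tagged; a None response exercises the server-error path instead.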