ITarian Help

Find the desired product help

IT Endpoint Manager

IT Endpoint Manager

Comodo Client Security for Windows - User Guide 12.10

English

Print Help Download Help
DLP Tasks - Introduction > Run Data Loss Prevention Scans
  • Introduction To Comodo Client Security
    • Special Features
    • System Requirements
    • Install Comodo Client Security
    • Start Comodo Client Security
    • The Main Interface
      • The Home Screen
      • The Tasks Interface
      • The Widget
      • The System Tray Icon
    • Understand Security Alerts
    • Password Protection
  • General Tasks - Introduction
    • Scan And Clean Your Computer
      • Run A Quick Scan
      • Run A Full Computer Scan
      • Run A Rating Scan
      • Run A Custom Scan
        • Scan A Folder
        • Scan A File
        • Create, Schedule And Run A Custom Scan
      • Automatically Scan Unrecognized And Quarantined Files
    • Instantly Scan Files And Folders
    • Process Infected Files
    • Manage Virus Database Updates
    • Manage Blocked Autoruns
    • Manage Quarantined Items
  • Firewall Tasks - Introduction
    • Configure Internet Access Rights For Applications
    • Stealth Your Computer Ports
    • Manage Network Connections
    • Stop All Network Activities
    • View Active Internet Connections
  • Containment Tasks - Introduction
    • Run An Application In The Container
    • Reset The Container
    • Identify And Kill Unsafe Running Processes
    • Open Shared Space
    • The Virtual Desktop
      • Start The Virtual Desktop
      • The Main Interface
      • Run Browsers Inside The Virtual Desktop
      • Open Files And Run Applications Inside The Virtual Desktop
      • Pause And Resume The Virtual Desktop
      • Close The Virtual Desktop
    • Containment Statistics Analyzer
  • DLP Tasks - Introduction
    • Run Data Loss Prevention Scans
    • Manage DLP Quarantined Files
  • Advanced Tasks - Introduction
    • Create A Rescue Disk
      • Download And Burn Comodo Rescue Disk
    • Remove Deeply Hidden Malware
    • Manage CCS Tasks
    • View CCS Logs
      • Antivirus Logs
      • VirusScope Logs
      • Firewall Logs
      • HIPS Logs
      • Containment Logs
      • Website Filtering Logs
      • Device Control Logs
      • Autorun Event Logs
      • Alert Logs
      • CCS Tasks Logs
      • File List Changes Logs
      • Vendor List Changes Logs
      • Configuration Change Logs
      • Virtual Desktop Event Logs
      • Data Loss Prevention Event Logs
      • Search And Filter Logs
    • Submit Files For Analysis To Comodo
    • View Active Process List
  • CCS Advanced Settings
    • General Settings
      • Customize User Interface
      • Configure Virus Database Updates
      • Log Settings
      • Manage CCS Configurations
        • Comodo Preset Configurations
        • Personal Configurations
    • Antivirus Configurations
      • Real-time Scanner Settings
      • Scan Profiles
    • Firewall Configuration
      • General Firewall Settings
      • Application Rules
      • Global Rules
      • Firewall Rule Sets
      • Network Zones
        • Network Zones
        • Blocked Zones
      • Port Sets
    • HIPS Configuration
      • HIPS Settings
      • Active HIPS Rules
      • HIPS Rule Sets
      • HIPS Groups
        • Registry Groups
        • COM Groups
    • Protected Objects
      • Protected Objects - HIPS
        • Protected Files
        • Blocked Files
        • Protected Registry Keys
        • Protected COM Interfaces
      • Protected Objects - Containment
        • Protected Files And Folders
        • Protected Keys
    • Data Loss Prevention
      • DLP Monitoring Rules
      • DLP Discovery Rules
      • DLP Keyword Groups
    • Containment Settings
      • Containment Settings
      • Auto-Containment Rules
      • Virtual Desktop Settings
      • Containment - An Overview
      • Unknown Files - The Scanning Processes
    • File Rating Configuration
      • File Rating Settings
      • File Groups
      • Submitted Files
    • Advanced Protection
      • VirusScope Settings
      • Scan Exclusions
      • Device Control Settings
      • Script Analysis Settings
      • Miscellaneous Settings
    • Web Filter Settings
      • Website Filtering Rules
      • Website Categories
  • Appendix 1 - CCS How To... Tutorials
    • Enable / Disable AV, Firewall, Auto-Containment And VirusScope Easily
    • Set Up The Firewall For Maximum Security And Usability
    • Block Internet Access While Allowing Local Area Network (LAN) Access
    • Block / Allow Specific Websites To Specific Users
    • Set Up HIPS For Maximum Security And Usability
    • Create Rules To Auto-Contain Applications
    • Run An Instant Antivirus Scan On Selected Items
    • Create An Antivirus Scan Schedule
    • Run Untrusted Programs Inside The Container
    • Run Browsers Inside The Container
    • Restore Incorrectly Quarantined Item(s)
    • Submit Quarantined Items To Comodo Valkyrie For Analysis
    • Enable File Sharing Applications Like BitTorrent And Emule
    • Block Any Downloads Of A Specific File Type
    • Disable Auto-Containment On A Per-application Basis
    • Switch Off Automatic Antivirus Updates
    • Suppress CCS Alerts Temporarily
    • Control External Device Accessibility
  • Appendix 2 - Comodo Secure DNS Server
    • Router - Manually Enable Or Disable Comodo Secure DNS Service
    • Windows - Enable Comodo Secure DNS
  • About ITarian

Run Data Loss Prevention Scans


Click ‘Tasks’ > ‘DLP Tasks’ > ‘Data Loss Prevention Scan’

  • Data loss prevention (DLP) scans let you identify documents on your computer which contain sensitive information. Example sensitive data includes credit card numbers, bank account numbers, social security numbers and so on

  • You can select the discovery rules to run a scan
  • Each rule defines the areas to scan, the type of information to search for, and the action to take on discovered files. The possible actions are:
  • Ignore - The file is retained in its original location. But you can view the identified file from the logs
  • Quarantine - The file is moved from its original location to a secure holding area. Users cannot open quarantined files. You can review quarantined files by clicking 'Data Loss Prevention Quarantine' in the 'DLP Tasks' interface. See Manage DLP Quarantined Files for more details.
  • Your Endpoint Manager admin should have first created a DLP discovery rules in EM portal and added them to the EM profile active on your device. See DLP Discovery Rules to view the rules available on your
This section explains how to run a DLP scan and view results:
  • Run a DLP scan
  • View scan results

Run a Data Loss Prevention Scan

  • Click 'Tasks' on the CCS home screen
  • Click 'General Tasks' > 'Data Loss Prevention Scan'



 

The scan interface shows all rules added to your device by the EM profile active on your device.



Action – Start and stop scans using a particular rule.


Rules – The label of DLP rule.


Last Scan – Date and time of the most recent DLP scan.

  • Click the ‘Start’ button at the top to run all rules at once



OR

  • Use the start buttons on the left to run a scan with a specific rule.



  • CCS runs the selected DLP scans
  • After the scan is started, you can pause, resume or stop the scan

Next, view results of the scan.


View DLP Scan Results


You can view DLP scan results in the logs section.

    • Click ‘Logs’ at the top of the CCS interface:



       

      • Select ‘Data Loss Prevention Events’ from the first drop-down:




      • Date & Time - When the event occurred.
      • Target - The item affected by the rule.
      • DLP Monitoring event – Shows the type of external storage device to which the data transfer attempt was made.
      • DLP Discovery event – Shows the file path of the identified file.
      • Rule Name - The DLP rule that found the target item. This could be a DLP discovery rule or a monitoring rule.
      • Rule Type – Whether rule is a DLP discovery rule or a removable storage rule.
      • Action - How the file was handled in the DLP event. The possible values are:
      • Ignore
      • Quarantine
      • Restore from quarantine
      • Delete from quarantine
      • Blocked
      • Status – Shows whether the rule executed successfully or not.
      • Details – The specifics of the data found.
      • DLP monitoring rule – Shows the removable storage device affected by the rule.
      • DLP Discovery rule - Has a ‘Show details’ link which opens the specifics of the event. See View file details for more details.
      Advanced Filter – Search the logs by file location, rule or action. Use the advanced filter options to filter the logs of discovery events.

      Filter by Date and Time – Search for logs generated within a specific time-frame.

      Open log file - Browse to and view a saved log file.

      Cleanup log file - Delete the selected event log.

      Export - Save the logs as a HTML file. You can also right-click inside the log viewer and choose 'Export'.

      Refresh - Reload the current list to show the latest logs.

      View file details

      • Click the 'Show details' in the 'Details' column:



      • The screen shows the name of the file, and the rule/pattern which discovered sensitive data in the file.
      • The 'match' column shows the first and last characters of the actual discovered data. The option to show this should be enabled in the discovery rule.
      Comodo Help
      • IT Platform:
      • Help
      • Scripts
      • Wiki
      • Forum
      • Developer
      • RMM
      • Patch Management
      • Service Desk
      • ITSM
      • Managed Service Provider
      • Managed Detection and Response
      • Ticketing System
      • Helpdesk
      • ITIL

      Copyright 2025 Itarian