I've been playing around with filters for credit cards and have yet to find one that stops all credit cards while limiting false positives because it is matching any random 16 characters.
I need one that blocks all amex, visa, mc, and discover without spaces, with spaces or with dashes.
This one has worked the best so far (it's a mish mash of filters I have found or tweaked or have been sent to me), but I think it can be improved. Any ideas? Anyone have a better filter they are using?
New enhancements coming with regards to Credit Cards
Just as an FYI, in the 5.5 code coming next month there will be new options in Content Filters called smart identifiers which include credit card number where IronPort has pre-configured the credit card information into AsyncOS and it also include check bits to reduce false positives.
This is a very slick enhancement and should greatly reduce the number of false positives over the standard regex configurations discussed on this thread.
Re: New enhancements coming with regards to Credit Cards
the problem with the Credit Card smart Content Filter is that if it finds a credit card number then that's it that message does not continue on to the actual DLP engine for additional scanning and does not show up as a DLP violation, at least that's how we see it working in our environment while testing, and yes we opened up a case with Cisco IronPort on this and are working with an engineer on it, I just wanted to contribute to this forum, and warn you all that this may not be working as you expected
DocumentationCode download linksGoalRequirementLimitationsSupported ISR
and UCS-E ModelSupported ISRG2 and UCS-E Blades:Supported ISR4K and
UCS-E Blades:Step by Step ConfigurationConfigure one of the connectivity
options to access the Cisco IMC from the n...
Firepower Threat Defense (NGFWv) on UCS E-series - Transparent Mode in
HA DocumentationCode download linksGoalRequirementLimitationsSupported
ISR and UCS-E ModelSupported ISRG2 and UCS-E Blades:Supported ISR4K and
UCS-E Blades:Step by Step ConfigurationCo...
Question I am currently unable to specify "crypto keyring" command when
configuring VPN connection on my cisco 2901 router. The following
licenses have been activated on my router :