Versions Compared

Version Old Version 7 New Version Current
Changes made by

serdar ak

serdar ak

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

Server and user-side installations are required for This page is a guide for installing server and client-side tools of the GEODI Classifier.

Installation of a Manual/Automatic classification project takes about 1 -1.5hours. If GEODI is the first classification tool, you may to 2 hours. You can instantly start with ready classes . These classes are refined with many different user experiences. Porting an exiting classification environment(labels and rules) to GEODI is a quick process as well. At the end, you will be ready to distribute/install agents.

Info

You may anytime change the policies after installing the agents. Agents automatically update the policies. GEODI Classification Policy Manager allows you to override policies by groups, persons, client software, IP and more.

Note

We provide ready to use panels to watch agents and classification actions(logs).

Tip

After agents distribution users may start classification. GEODI 121 online course is enough for end users to learn classification for Desktop and Office classification.

The following is the basic roadmap for the installation.

Image Removed

Child pages

...

Troubleshooting

...

Clients will be updated in about 10 minutes when the Classifier settings are changed in the GEODI interface.

...

If office add-ons or Desktop Classification is not active

  • Check that the client installation is complete

  • Must have access to the GEODI server

  • GEODI Token validity must be checked

...

Installation can be performed in an environment without internet / in cases where GEODI cannot be reached. The Classifier plugin is automatically activated when a connection to GEODI is established.

...

ADS is used for classification in other file types except for MS Office and PDF files. In a classified file, whether the classes are preserved or not as a result of the following operations are written.

  • The name of the file has been changed (Class Preserved).

  • The file extension changed. txt → log - mp4 → avi (Class Preserved)

  • The file was copied to another computer without GEODI Classifier and checked (Class Preserved)

  • File copied over RDP connection (Class Not Preserved)

  • Classified, uploaded to Wetransfer, and downloaded. (Class Not Preserved)

  • The file has been classified. Compressed as rar/zip and extracted. (Class Not Preserved)

...

In case there is no access to the GEODI server, manual classification can be used. You can use other classes except for automatic classification through the last meta in communication with GEODI.

  • When connected to the GEODI server, the operations performed are logged.

  • In Shell classification, the automatic option is unavailable if it is not connected to the server.

  • In the Office plugin, "automatic (offline)" is displayed if the server is not reachable.

  • Changes made (adding a class) or falling off the server are checked periodically (5 minutes), not instantly, so as not to slow down your operations. For this reason, the changes made are not instantly reflected on the Add-In and Shell interface.

Suppose many mails are sent for Mail Merge use when the %AutoClass% statement is added to the document to be classified. In that case, it is automatically classified without asking for the class when sending multiple mails.

...

For example, if a mail merge is made over Word when %AutoClass% is written in the document, the classification is made automatically, and the class is not asked for every mailing.

...

if you have no previous classification tool. You can change or customize all rules for a specific group or condition. There is only one agent, and agent software and policy updates are automatic.

You can monitor agents using our agent panel. You may use the built-in log panel or a SIEM to monitor classification activities.

Training material for end-users is provided in https://decesw.atlassian.net/wiki/spaces/geodien/pages/3966664747/GEODI+121+-+Classification+tools+User+Training?atl_f=PAGETREE and GEODI Classifier Office and Other Plugins User Guide .

Table of Contents
maxLevel6
minLevel1
include
outlinefalse
indent
exclude
typelist
printablefalse
class

...

Child pages
depth2

Installation Roadmap

...

Checklist

Follow the steps for Classifier installation

  •  GEODI Server must be installed
  •  Activate Classification Module
  •  Activate Default Classes and Policies
  •  Ignore mail signatures (by a dictionary or mail server settings)
  •  Generate Agent MSI Package
  •  Sample Agent installation to selected clients
  •  Activate agent monitor panel
  •  Activate log analysis panel
  •  Interim review
  •  Modify Class and Policies
  •  Closing
  •  Deploy Agents to all clients

Frequently Asked Questions

Expand
titleCan we disable automatic classification for a specific group?
Info

  • Yes, with the GEODI Classification Policy Manager, you can create variations based on groups, individuals, IP addresses, and software (Word, Excel, etc.). It can be set to automatic only for one user group, manual only for others, or disabled for a specific user group if needed.

  • Changes in rules will take effect on clients approximately 10 minutes after modification.

  • GEODI Classifier Label/Tag Definitions

Expand
titleCan I perform batch classification?
Info

  • Yes, query the target and choose “Batch Classification” from the GEODI facet area. Files from Folder, FileServer, and GDE(PCs) will be included. Labels will be written to the respective files or as alternate data streams (ADS).

  • GEODI Classifier Batch Classification

Expand
titleWhat does Semantic Classification mean?
Info

It is the classification of files discovered in GEODI based on query results.

GEODI discovers IBAN, Credit Card, money, document type, date, and the document type. The class secret rule may contain Money>1M TL. GEODI recognizes money in many different forms. This is an example of semantic classification. Similarly, the class classified may contain a rule “if a contract.” GEODI understands whether a document is a contract with AI.

Expand
titleDoes the date of the classified documents change?
Info

No, GEODI classification tools preserve the file date.

Expand
titleCan we classify files discovered with GDE on remote PCs in-place?
Info

Suppose you have a Classification license for documents coming to the GEODI server through GDE. In that case, you can query and classify documents through GEODI ES, performing the classification on the source machine. The machine where the classification will occur must have our Classifier and GDE solutions installed.

Expand
titleCan databases be classified?
Info

There is no concept of writing labels to databases. However, GEODI classification tools can report the classification of a database record and enable you to take action based on this report.

Expand
titleCan internal e-mails in an organization(same domain) exluded from classifcation?
Info

Yes, in the GEODI Classification Management Interface, you can optionally exclude emails sent by users within the same domain from the classification.

Expand
titleCan Header/Footer and Watermark be multilingual?
Info

  • Yes. You can define multiple languages.

  • The language is chosen by machine language.

  • You can use values like usernames in these settings.

  • You can define multiple lines.

  • GEODI Classifier Label/Tag Definitions

Expand
titleIs 'Allow Class Lowering' permitted?
Info

  • Depending on policies, you can allow or prohibit class lowering for all or specific sets of users.

  • You can also use the rule that prohibits giving a class below automatic classification.

Expand
titleHow do I exclude email signatures?
Info

E-mail signatures contain the sender's PII information. To ignore this, you must either change e-mail server settings or prepare a dictionary. GEODI Classifier - Class and Policy settings - geodi-en - Confluence (atlassian.net) page explains how to do it.

The method used for Exchange servers, please provide https://learn.microsoft.com/en-us/exchange/security-and-compliance/mail-flow-rules/disclaimers-signatures-footers-or-headersthe link.

Expand
titleWhat is the format for classification log
Info

The result format can be a DB, syslog, CEF, or CSV.

You may use a SIEM or Log Analysis Panel to monitor and analyze the logs.

GEODI Classifier Log Analysis Panel and Classifier Project

Expand
titleHow will the agents deploy?
Info

  • You can use ManageEngine, PDQ, SCCM, or a similar tool. The GEODI Classification solution automatically generates the MSI and parameters required for agent deployment. Agents check updates every two days.

  • If there are few machines, you can manually run the MSI.

  • Agents are monitored from a panel. Agent Management Panel

GEODI Classifier Windows Client Installation

Expand
titleCan the uninstall or deactivation of agents be prevented?
Info

Yes, by default, Windows users cannot remove or deactivate Office plugins.

Expand
titleDo agents strain the endpoint?
Info

No, the GEODI Classification and GDE (Discovery) agents are designed to impose minimal load on the endpoint/client machines.

Expand
titleHow long does it take the policy changes take effect on the clients?
Info

Clients will be updated automatically and within approximately 10 minutes.

Expand
titleCan Classification Add-ons work offline
Info

Yes, offline is possible for add-ons

  • The add-ons must at least once access to GEODI server to get the policies

  • Only Manual classification is possible. The automatic classification is not available.

  • Rules from the last connection are used.

  • Logs are accumulated and transferred when a connection to the server is established.

Expand
titleHow are files without label support classified?
Info

  • Files without label support are classified using the ADS (Alternate Data Stream) method for files other than PDF and Office documents.

Expand
titleHow can see ADS labels?

ADS(Alternate Data Stream) is an NTFS feature. To list it, use the “dir /r" command.

ADS labels are a feature of the NTFS filesystem and may sometimes not be preserved.

  1. Labels are preserved

    1. Rename the file

    2. Change file extension txt → log - mp4 → avi

    3. Copy the file to another NTFS filesystem with or w/o the GEODI classifier installed.

  2. Labels are not preserved

    1. The file is copied through RDP, Wetransfer, or similar ways.

    2. The file is copied to non-NTFS filesystem

    3. The file is carried in a compressed file (Rar/zip=

    4. The file is attached to an e-mail

Expand
titleCan I use two classification solutions simultaneously?
Info

Yes, GEODI can adapt to the labeling scheme of an existing classification tool. This allows you to continue using both simultaneously without additional work on the DLP side.

Expand
titleCan classification be performed in Linux, Mac, or SharePoint environments?
Info

The GEODI classification solution works on Windows computers. Data discovery can be performed on Linux, MacOS, or SharePoint.

Expand
titleCan GEODI Classifier understand documents classified with a different classification tool?
Info

Yes. As long as the labeling scheme is the same, it doesn't matter which tool was used for the classification. The GEODI classification tool understands the class of a previously classified file and behaves according to policy settings.

Expand
titleIs GEODI Classifier compatible with MIP(Microsoft Information Protection) labels.
Info

Yes. GEODI Classifier is compatible with MIP and other schemas as well.

Troubleshooting

Expand
titleIf office extensions or desktop classification is not active
Info

  • The client installation should be verified.

  • Clients must access to GEODI at least once

  • The validity of the GEODI token should be checked.

Expand
titleAutomatic Classification is not active.
Info

There is no access to the GEODI server, or automatic classification may be disabled in the policy settings.

Expand
titleClassification is taking a long time.
Info

Automatic classification may take a long time due to network traffic, server load, and file sizes. GEODI reads the file content for auto-classification. Opening with Word or Excel may also take a long time.

Expand
titleEmail signatures are recognized as personal data
Info
Expand
titleClassification agents and Add-ins cannot see the GEODI server.
Info

  • If GEODI is closed,

  • If the GEODI port is not open

If add-ons at least once accessed the GEODI server and got the policies:

  • Only Manual classification is possible. The automatic classification is not available.

  • Rules from the last connection are used.

  • Logs are accumulated and transferred when a connection to the server is established.

Expand
titleHow to send a large number of emails simultaneously, like Mail Merge?
Info

Under normal circumstances, a classification pop-up opens for each email. To prevent this in bulk emails, you need to add the %AutoClass% expression to the email body or Word document for mail merge. The sent emails will be automatically classified without opening a pop-up.

Alternatively, you can create a separate classification policy for Outlook/OWA.

Expand
titleClassification Agents are not updating automatically.
Info

The classification agents automatically check whether the server has an up-to-date version every two days. Access to documents.decesoftware.com should be provided for this control and automatic update process. If access is available but automatic installation is not occurring, firewall settings should also be checked.

Expand
titleOutlook mails has label but no header or footer
Info

Check “Cash Mode” to true in users “Exchange Account Settings”.