DLP Sensors
Data Leak Prevention
FortiGate Version 4.0 Administration Guide
01-400-89802-20090424
Default DLP sensors
A number of default DLP sensors are provided with your FortiGate unit. You can use these
as provided, or modify them as required.
Adding and configuring a DLP sensor
You can create a new DLP sensor and configure it to include the DLP rules and DLP
compound rules required to protect the traffic leaving your network.
A DLP sensor must be created before it can be configured by adding rules and compound rules. To create a DLP sensor, go to UTM > Data Leak Prevention > Sensor and select Create New. Enter the DLP sensor name and optional comment, and select OK. You can then add the required rules and compound rules.
To configure a DLP sensor, go to UTM > Data Leak Prevention > Sensor and select the Edit icon of the sensor to be configured. A list of the DLP rules and DLP compound rules included in the DLP sensor is displayed. A newly created sensor will include no rules.
Caution: Before use, examine the sensors and rules in the sensors closely to ensure you understand how they will affect the traffic on your network.
Note: DLP prevents duplicate action. Even if more than one rule in a sensor matches some content, DLP will not create more than one content archive entry, quarantine item, or ban entry from the same content.
Content_Archive
All non-encrypted email, FTP, HTTP, IM, and NNTP traffic is archived to a FortiAnalyzer unit or the FortiGuard Analysis and Management Service. Traffic is only archived. No blocking or quarantine is performed. If you have a FortiGate unit that supports SSL content scanning and inspection, you can modify this sensor to archive encrypted traffic as well.

Content_Summary
A summary of all non-encrypted email, FTP, HTTP, IM, and NNTP traffic is saved to a FortiAnalyzer unit or the FortiGuard Analysis and Management Service. No blocking or quarantine is performed. If you have a FortiGate unit that supports SSL content scanning and inspection, you can modify this sensor to archive a summary of encrypted traffic as well.

Credit-Card
The number formats used by American Express, Visa, and Mastercard credit cards are detected in HTTP and email traffic. As provided, the sensor is configured not to archive matching traffic and an action of None is set. Configure the action and archive options as required.

Large-File
Files larger than 5MB will be detected if attached to email messages or if sent using HTTP or FTP. As provided, the sensor is configured not to archive matching traffic and an action of None is set. Configure the action and archive options as required.

SSN-Sensor
The number formats used by U.S. Social Security and Canadian Social Insurance numbers are detected in email and HTTP traffic. As provided, the sensor is configured not to archive matching traffic and an action of None is set. Configure the action and archive options as required.
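
An added example, not from the guide or from Fortinet: an offline Python model of the Credit-Card sensor for checking what format-based rules would match in sample content before you set an action or archive option. The regular expressions, the Luhn checksum step, and the names CARD_RULES, run_sensor and SAMPLE are assumptions; as in the Note above, it produces one entry per piece of content even when several rules match.

```python
import re

# Assumed expressions for the card formats the Credit-Card sensor names;
# the page does not show FortiGate's own rule expressions.
CARD_RULES = {
    "amex": r"\b3[47]\d{2}[ -]?\d{6}[ -]?\d{5}\b",
    "visa": r"\b4\d{3}(?:[ -]?\d{4}){3}\b",
    "mastercard": r"\b5[1-5]\d{2}(?:[ -]?\d{4}){3}\b",
}

def luhn_ok(candidate):
    """Card checksum: tells a real card number from a look-alike digit run."""
    digits = [int(c) for c in candidate if c.isdigit()]
    total = 0
    for i, d in enumerate(reversed(digits)):
        if i % 2:  # every second digit from the right is doubled
            d = d * 2 - 9 if d > 4 else d * 2
        total += d
    return total % 10 == 0

def run_sensor(messages, action="None"):
    """Return one entry per matching message, however many rules hit it."""
    entries = []
    for msg_id, text in messages:
        hits = {rule: re.findall(rx, text) for rule, rx in CARD_RULES.items()}
        hits = {rule: found for rule, found in hits.items() if found}
        if hits:
            entries.append({
                "content": msg_id,
                "rules": sorted(hits),
                "checksum_valid": any(
                    luhn_ok(m) for found in hits.values() for m in found),
                "action": action,
            })
    return entries

# Constructed sample traffic using published test card numbers.
SAMPLE = [
    ("mail-1", "Visa 4111 1111 1111 1111, Amex 3782 822463 10005"),
    ("http-2", "Tracking id 4000 1234 5678 9012 shipped"),
    ("mail-3", "Lunch at noon?"),
]

if __name__ == "__main__":
    for entry in run_sensor(SAMPLE):
        print(entry)
```

An entry with checksum_valid set to False, such as the tracking id in http-2, is the kind of format-only match to look for before changing the action from None to a blocking one.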