DLP Rules
Data Leak Prevention
FortiGate Version 4.0 Administration Guide
516
01-400-89802-20090424
Default DLP rules
A number of default DLP rules are provided with your FortiGate unit. You can use these as
provided, or modify them as required.
Adding or configuring DLP rules
Go to
UTM > Data Leak Prevention > Rule
. To add a new rule, select
Create New
. To edit
an existing rule, select the edit icon of the rule to be changed.
Note:
These rules affect only unencrypted traffic types. If you are using a FortiGate unit
able to decrypt and examine encrypted traffic, you can enable those traffic types in these
rules to extend their functionality if required.
Caution:
Before use, examine the rules closely to ensure you understand how they will
affect the traffic on your network.
All-Email, All-FTP,
All-HTTP, All-IM, All-NNTP
.These rules will detect all traffic of the specified type.
Email-AmEx,
Email-Canada-SIN,
Email-US-SSN,
Email-Visa-Mastercard
These four rules detect American Express numbers, Canadian Social
Insurance Numbers, U.S. Social Security Numbers, or Visa and
Mastercard numbers within the message bodies of SMTP, POP3, and
IMAP email traffic.
HTTP-AmEx,
HTTP-Canada-SIN,
HTTP-US-SSN,
HTTP-Visa-Mastercard
These four rules detect American Express numbers, Canadian Social
Insurance Numbers, U.S. Social Security Numbers, or Visa and
Mastercard numbers within POST command in HTTP traffic. The
HTTP POST is used to send information to a web server.
As written, these rules are designed to detect data the user is sending
to web servers. This rule does not detect the data retrieved with the
HTTP GET command, which is used to retrieve load web pages.
Large-Attachment
This rule detects files larger than 5MB attached to SMTP, POP3, and
IMAP email messages.
Large-FTP-Put
This rule detects files larger than 5MB sent using the FTP PUT
protocol. Files received using FTP GET are not examined.
Large-HTTP-Post
This rule detects files larger than 5MB sent using the HTTP POST
protocol. Files received using HTTP GET are not examined.
Содержание Gate 60D
Страница 678: ...Reports Log Report FortiGate Version 4 0 Administration Guide 678 01 400 89802 20090424 http docs fortinet com Feedback...
Страница 704: ...Index FortiGate Version 4 0 Administration Guide 704 01 400 89802 20090424 http docs fortinet com Feedback...
Страница 705: ...www fortinet com...
Страница 706: ...www fortinet com...