DLP Rules Data Leak Prevention
FortiGate Version 4.0 MR1 Administration Guide
596 01-410-89802-20090903
http://docs.fortinet.com/ • Feedback
Adding or configuring DLP rules
Go to UTM > Data Leak Prevention > Rule. To add a new rule, select Create New. To edit
an existing rule, select the edit icon of the rule to be changed.
Figure 368: DLP rule for HTTP traffic
All-Email, All-FTP,
All-HTTP, All-IM, All-NNTP,
All-Session-Control
.These rules will detect all traffic of the specified type.
Email-AmEx,
Email-Canada-SIN,
Email-US-SSN,
Email-Visa-Mastercard
These four rules detect American Express numbers, Canadian Social
Insurance Numbers, U.S. Social Security Numbers, or Visa and
Mastercard numbers within the message bodies of SMTP, POP3, and
IMAP email traffic.
HTTP-AmEx,
HTTP-Canada-SIN,
HTTP-US-SSN,
HTTP-Visa-Mastercard
These four rules detect American Express numbers, Canadian Social
Insurance Numbers, U.S. Social Security Numbers, or Visa and
Mastercard numbers within POST command in HTTP traffic. The
HTTP POST is used to send information to a web server.
As written, these rules are designed to detect data the user is sending
to web servers. This rule does not detect the data retrieved with the
HTTP GET command, which is used to retrieve load web pages.
Email-Not-Webex,
HTTP-Post-Not-Webex
These rules prevent DLP from matching email or HTTP pages that
contain the string WebEx.
Large-Attachment This rule detects files larger than 5MB attached to SMTP, POP3, and
IMAP email messages.
Large-FTP-Put This rule detects files larger than 5MB sent using the FTP PUT
protocol. Files received using FTP GET are not examined.
Large-HTTP-Post This rule detects files larger than 5MB sent using the HTTP POST
protocol. Files received using HTTP GET are not examined.
Name The name of the rule.
Comments An optional comment describing the rule.
To Next Page
Loading...
Need help?
General