Data Leak Prevention DLP Compound Rules
FortiGate Version 4.0 MR1 Administration Guide
01-410-89802-20090903 601
http://docs.fortinet.com/ • Feedback
AIM, ICQ, MSN, Yahoo! When you select the Instant Messaging protocol, you can select the
supported IM protocols for which to add rules. Only the rules that
include all of the selected protocols can be added to the compound
rule.
HTTP POST, HTTP GET When you select the HTTP protocol, you can configure the compound
rule to apply to HTTP post or HTTP get sessions or both. Only the
rules that include all of the selected options can be added to the
compound rule.
HTTPS POST, HTTPS
GET
When you select the HTTP protocol, if your FortiGate unit supports
SSL content scanning and inspection, you can configure the
compound rule to apply to HTTPS post or HTTPS get sessions or
both. Only the rules that include all of the selected options can be
added to the compound rule.
For more information about SSL content scanning and inspection, see
“Configuring SSL content scanning and inspection” on page 484.
To scan these encrypted traffic types, you must set HTTPS Content
Filtering Mode to Deep Scan (Decrypt on SSL Traffic) in the Protocol
Recognition section of the protection profile. If URL Filtering is
selected, the DLP sensors will not scan HTTPS content.
FTP PUT, FTP GET When you select the FTP protocol, you can configure the compound
rule to apply to FTP put, or FTP get sessions or both. Only the rules
that include all of the selected options can be added to the compound
rule.
SMTP, IMAP, POP3 When you select the Email protocol, you can select the supported
email protocols for which to add rules. Only the rules that include all of
the selected protocols can be added to the compound rule.
SMTPS IMAPS POP3S When you select the Email protocol, if your FortiGate unit supports
SSL content scanning and inspection, you can also select the SMTPS,
IMAPS, POP3S protocols. Only the rules that include all of the
selected protocols can be added to the compound rule.
For more information about SSL content scanning and inspection, see
“Configuring SSL content scanning and inspection” on page 484.
Rules Select the rule to include in the compound rule. Only the rules that
include all of the selected protocols can be added to the compound
rule.
Add Rule/Delete Rule Use the add rule and delete rule icons to add and remove rules from
the compound rule. Select the add rule icon and then select rule from
the list.
To Next Page
Loading...
