EasyManua.ls Logo

Fortinet Gate 60D - Page 517

Fortinet Gate 60D
706 pages
To Next Page IconTo Next Page
To Next Page IconTo Next Page
To Previous Page IconTo Previous Page
To Previous Page IconTo Previous Page
Loading...
Data Leak Prevention DLP Rules
FortiGate Version 4.0 Administration Guide
01-400-89802-20090424 517
http://docs.fortinet.com/Feedback
Figure 341: DLP rule for HTTP traffic
Name The name of the rule.
Comments An optional comment describing the rule.
Protocol Select the type of content traffic that the DLP rule the rule will apply to.
The available rule options vary depending on the protocol that you
select. You can select the following protocols: Email, HTTP, FTP,
NNTP, and Instant Messaging.
AIM, ICQ, MSN, Yahoo! When you select the Instant Messaging protocol, you can configure
the rule to apply to file transfers using any or all of the supported IM
protocols (AIM, ICQ, MSN, and Yahoo!).
Only file transfers using the IM protocols are subject to DLP rules. IM
messages are not scanned.
HTTP POST, HTTP GET When you select the HTTP protocol, you can configure the rule to
apply to HTTP post or HTTP get traffic or both.
HTTPS POST, HTTPS
GET
When you select the HTTP protocol, if your FortiGate unit supports
SSL content scanning and inspection, you can also configure the
HTTP rule to apply to HTTPS get or HTTPS post traffic or both. For
more information about SSL content scanning and inspection, see
“Configuring SSL content scanning and inspection” on page 402.
To scan these encrypted traffic types, you must set HTTPS Content
Filtering Mode to Deep Scan (Decrypt on SSL Traffic) in the Protocol
Recognition section of the protection profile. If URL Filtering is
selected, the DLP sensors will not scan HTTPS content.
FTP PUT, FTP GET When you select the FTP protocol, you can configure the rule to apply
to FTP put, or FTP get traffic or both.
SMTP, IMAP, POP3 When you select the Email protocol, you can configure the rule to
apply to any or all of the supported email protocols (SMTP, IMAP, and
POP3).
SMTPS IMAPS POP3S When you select the Email protocol, if your FortiGate unit supports
SSL content scanning and inspection, you can also configure the rule
to apply to SMTPS, IMAPS, POP3S or any combination of these
protocols.
For more information about SSL content scanning and inspection, see
“Configuring SSL content scanning and inspection” on page 402.

Table of Contents