DLP Rules Data Leak Prevention
FortiGate Version 4.0 Administration Guide
518 01-400-89802-20090424
http://docs.fortinet.com/ • Feedback
File Options You can select file options for any protocol to configure how the DLP
rule handles archive files, MS-Word files, and PDF files found in
content traffic.
Scan archive contents When selected, files within archives are extracted and scanned in the
same way as files that are not archived.
Scan archive files
whole
When selected, archives are scanned as a whole. The files within the
archive are not extracted and scanned individually.
Scan MS-Word text When selected the text contents of MS Word DOC documents are
extracted and scanned for a match. All metadata and binary
information is ignored.
Note: Office 2007/2008 DOCX files are not recognized as MS-Word
by the DLP scanner. To scan the contents of DOCX files, select the
Scan archive contents option.
Scan MS-Word file
whole
When selected, MS Word DOC files are scanned. All binary and
metadata information is included.
If you are scanning for text entered in a DOC file, use the
Scan MS-Word option. Binary formatting codes and file information
may appear within the text, causing text matches to fail.
Note: Office 2007/2008 DOCX files are not recognized as MS-Word
by the DLP scanner. To scan the contents of DOCX files, select the
Scan archive contents option.
Scan PDF text When selected, the text contents of PDF documents are extracted and
scanned for a match. All metadata and binary information is ignored.
Scan PDF file whole When selected, PDF files are scanned. All binary and metadata
information is included.
If you are scanning for text in PDF files, use the Scan PDF Text
option. Binary formatting codes and file information may appear within
the text, causing text matches to fail.
Rule Use the Rule settings to configure the content that the DLP rule
matches.
Attachment size Check the attachment file size.
This option is available for Email.
Attachment type Search email messages for file types or file patterns as specified in the
selected file filter.
This option is available for Email.
Authenticated User Search for traffic from the specified authenticated user.
Binary file pattern Search for the specified binary string in network traffic.
Body Search for the specified string in the message or page body.
This option is available for Email, HTTP, and NNTP.
CGI parameters Search for the specified CGI parameters in any web page with CGI
code.
This option is available for HTTP.
Cookie Search the contents of cookies for the specified text.
This option is available for HTTP.
File is/not encrypted Check whether the file is or is not encrypted. Encrypted files are
archives and MS Word files protected with passwords. Because they
are password protected, the FortiGate unit cannot scan the contents
of encrypted files.
File text Search for the specified text in transferred text files.
This option is available in FTP, IM, and NNTP.
File type Search for the specified file patterns and file types. The patterns and
types configured in file filter lists and a list is selected in the DLP rule.
For more information about file filter lists, see “File Filter” on page 443.
This option is available for FTP, HTTP, IM, and NNTP.
Hostname Search for the specified host name when contacting a HTTP server.
HTTP header Search fo
r the specified string in HTTP headers.
To Next Page
Loading...