Administration Guide

Data Leak Prevention

The data leak prevention (DLP) system allows you to prevent sensitive data from leaving your network. After sensitive data patterns are defined, data matching the patterns is either blocked, or logged and then allowed.

The DLP system is configured by creating filters based on various attributes and expressions within DLP sensors and then assigning the sensors to security policies.

DLP can also be used to prevent unwanted data from entering your network and to archive content passing through the FortiProxy device.

A DLP sensor is a package of filters. To use DLP, select and enable a DLP sensor in a security policy. The traffic controlled by the security policy will be searched for the patterns defined in the filters contained in the DLP sensor. Matching traffic will be passed or blocked according to the filters.

To view available DLP sensors, go to Security Profiles > Data Leak Prevention.

Hover over the leftmost edge of the column heading to display the Configure Table icon, which you can use to select the columns to display or to reset all the columns to their default settings. You can also drag column headings to change their order.

The following options are available:

Create New

Create a DLP sensor. See Create or edit a DLP sensor.

Edit

Modify the selected DLP sensor. See Create or edit a DLP sensor.

Clone

Make a copy of a DLP sensor.

Delete

Remove the selected DLP sensor.

Search

Search for text in any column.

Name

The name of the DLP sensor.

Comments

Optional description of the sensor.

Ref.

Displays the number of times the object is referenced by other objects.

To view the location of the referenced object, select the number in Ref.; the Object Usage window opens and displays the various locations of the referenced object.

DLP Log

Whether logging is enabled or disabled for data that matches the configured patterns.
