Fortigate Firewall How to - DLP

FORTIGATE FIREWALL HOW TO DLP www.ipmax.it

description

In this lesson, we'll see how to configure DLP. Follow us!

Transcript of Fortigate Firewall How to - DLP

Page 1: Fortigate Firewall How to - DLP

FORTIGATE FIREWALL HOW TO

DLP

www.ipmax.it

Page 2: Fortigate Firewall How to - DLP

INTRODUCTION

If you work for an enterprise or your business requires confidentiality, you may need to implement countermeasures to prevent sensitive data from leaving your company.

The Fortigate feature that implements data confidentiality is called Data Leak Prevention (DLP). DLP scans outgoing traffic and blocks any sensitive data from leaving your network.

In order to configure DLP, the feature must be enabled on the firewall. Like all other Fortigate capabilities, DLP can be enabled without any ad hoc license.

Go to System > Config > Features and enable both DLP and Multiple Security Profiles if they are not yet active.

Page 3: Fortigate Firewall How to - DLP

CONFIGURING DLP

As with many other features, the configuration consists of creating a sensor and applying it to a firewall policy.

Go to Security Profiles > Data Leak Prevention > File Filter. Select Create New to make a File Filter Table. Insert the table name and click OK; now we can insert new filters.

When creating the filter, we can choose the filter type (file name or file type). In the example at right we have chosen «File Name Pattern», so we can insert the name or extension of a file we want to block.

Page 4: Fortigate Firewall How to - DLP

CONFIGURING DLP - CONTINUED

Filtering by file name or extension is a very simple method and exposes your network to data leaks if users rename files.

A more sophisticated method is filtering by file type. In this case, the Fortigate scans the file content and recognizes its type even if a user renames it.
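The difference between the two filter types, as an added example that is not part of the original slides and is not FortiOS code: a name-pattern check beside a content check on leading magic bytes, run over constructed samples. The pattern list, the signature table and the function names are assumptions for illustration; the page does not describe how the Fortigate itself identifies file types.

```python
import fnmatch

# Constructed block list, analogous to "File Name Pattern" entries.
NAME_PATTERNS = ["*.pdf", "*.zip", "*.docx"]

# Well-known leading signatures (magic bytes) for a few file types.
# Small illustrative subset, not the firewall's own signature set.
MAGIC = {
    "pdf": b"%PDF-",
    "zip": b"PK\x03\x04",   # also the container for docx/xlsx/pptx
    "gzip": b"\x1f\x8b",
    "exe": b"MZ",
}
BLOCKED_TYPES = {"pdf", "zip"}


def match_name(filename):
    """Name-based filter: looks only at the file name, case-insensitively."""
    name = filename.lower()
    return any(fnmatch.fnmatchcase(name, p) for p in NAME_PATTERNS)


def detect_type(content):
    """Content-based filter: identifies the type from the leading bytes."""
    for ftype, sig in MAGIC.items():
        if content.startswith(sig):
            return ftype
    return None


def verdicts(filename, content):
    """Return (name_filter_blocks, type_filter_blocks) for one upload."""
    return match_name(filename), detect_type(content) in BLOCKED_TYPES


# Constructed samples: (file name, first bytes of the file).
SAMPLES = [
    ("report.pdf", b"%PDF-1.7\n..."),
    ("holiday.jpg", b"%PDF-1.7\n..."),      # PDF content under a .jpg name
    ("notes.txt", b"PK\x03\x04\x14\x00"),   # ZIP content under a .txt name
    ("readme.txt", b"plain text\n"),
]

if __name__ == "__main__":
    for name, data in SAMPLES:
        by_name, by_type = verdicts(name, data)
        print(f"{name:12} name-filter={by_name!s:5} type-filter={by_type}")
```

The two middle samples pass the name filter but are still caught by the content check, which is the gap the file type filter closes.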

Now we have to associate the newly created file filter with a new sensor.

Go to Security Profiles > Data Leak Prevention > Sensors. Select the plus icon in the upper right corner of the window to create a new sensor.

Page 5: Fortigate Firewall How to - DLP

CONFIGURING DLP - CONTINUED

Select Create New to make a new filter and set the type to Files.

Enable File Type included in and set it to your previously created file filter.

Under Examine the following Services, select the services you wish to monitor with DLP.

Finally set the Action to Block.

Now the only thing to do is to associate the sensor to a firewall policy for the traffic going outside.

Page 6: Fortigate Firewall How to - DLP

MORE NEEDS?

See hints on www.ipmax.it

Or email us your questions to [email protected]

Page 7: Fortigate Firewall How to - DLP

IPMAX

IPMAX is a Fortinet Partner in Italy.

IPMAX is the ideal partner for companies seeking quality in products and services. IPMAX guarantees method and professionalism to support its customers in selecting technologies with the best quality / price ratio, in the design, installation, commissioning and operation.

IPMAX srl

Via Ponchielli, 4

20063 Cernusco sul Naviglio (MI) – Italy

+39 02 9290 9171