FortiGate
FortiGate Next Generation Firewall utilizes purpose-built security processors and threat intelligence security services from FortiGuard labs to deliver top-rated protection and high performance, including encrypted traffic.
Not applicable
Article Id 193270
Description
Data leakage can be the intentional or unintentional result of human or software error.  It is often the result of specific, targeted actions, sometimes by trusted insiders, which leads to the loss of sensitive information.
 
There are many ways in which confidential data or proprietary secrets can leave an organization. For example, emails and FTP.  Data leak prevention protects your intellectual property from internal mishandling.
 
FortiOS 4.0 introduces DLP which will prevent confidential data leakage through different Rules or Compound Rules.
 

 
How to configure DLP?
 
Create individual DLP Rules
Under UTM > Data Leak Prevention > Rule
Group multiple individual DLP Rules
Under UTM > Data Leak Prevention > Compound
Create a DLP Sensor & add individual or compound Rules
Under UTM > Data Leak Prevention > Sensor
Define this sensor in the protection profile
Under Firewall > Protection Profile > web > Data Leak Prevention Sensor
Choose this Protection Profile in the respective Firewall Policy
Under Firewall > Policy > Edit > enable Protection Profile > choose Protection Profile
 
 
Create a DLP Rule
 
 
 
Creating Compound Rule
 

 
 
Create a DLP Sensor
 

 
 
Add DLP Sensor Rule
 
 
Choose any of the following options as Action in a DLP Sensor Rule
  • None
  • Block
  • Exempt
  • Ban -define expiry timer
  • Ban Sender -define expiry timer
  • Quarantine IP Address -define expiry timer
  • Quarantine Interface
 
Note:  Both Compound and Individual Rules can be added to one DLP Sensor.  An example of this is shown below.



Finally, define the DLP Sensor in Protection Profile.  Select this protection profile in the respective firewall policy
 


FortiOS 4.0 data Leak Prevention rules can be enabled on the following protocols,
  • HTTP
  • FTP
  • SMTP
  • POP3
  • IMAP
  • NNTP
  • Instant Messenger
 Before configuring DLP, it's crucial to understand what data types are being protected.  A company can configure FortiOS 4.0 DLP with different techniques to secure data.  Configuring DLP Rules should be done according to an organization's IT security Standards.

Solution
.