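# DLP rule: match SMTP mail by its sender field.
# With regexp-wildcard enabled, "*watch*" is read as a wildcard pattern,
# so any sender address containing "watch" matches.
config dlp rule
    edit "All-Email-from-watch-sender"
        set protocol email
        set sub-protocol smtp
        set field sender
        set regexp "*watch*"
        set regexp-wildcard enable
    next
end

# DLP sensor: attach the rule and choose what happens on a match.
config dlp sensor
    edit "sensor_block_watch"
        config rule
            edit "All-Email-from-watch-sender"
                # "ban" is logged as "ip address banned", so it affects the
                # whole source IP. Use "set action ban-sender" instead to
                # block only mails from the matching sender.
                set action ban
                set archive enable
                # The ban is lifted automatically after 10 minutes.
                set expiry 10m
            next
        end
        # Log every match so bans can be audited afterwards.
        set dlp-log enable
    next
end

# Firewall policy: the sensor only inspects traffic accepted by a policy
# that references it and has UTM enabled.
# NOTE(review): this example accepts any source, destination and service
# from wan2 to dmz. In a real deployment, restrict dstaddr and service to
# the mail server and SMTP rather than "all"/"ANY".
config firewall policy
    edit 2
        set srcintf "wan2"
        set dstintf "dmz"
        set srcaddr "all"
        set dstaddr "all"
        set action accept
        set utm-status enable
        set schedule "always"
        set service "ANY"
        set dlp-sensor "sensor_block_watch"
        set profile-protocol-options "default"
    next
end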
1 logs found. 1 logs returned. 1: 2010-06-04 15:08:09 log_id=0954024576 type=dlp subtype=dlp pri=warning vd="root" policyid=2 identidx=0 serial=107333 user="N/A" group="N/A" src=10.112.0.10 sport=1694 src_port=1694 src_int="wan2" dst=10.160.0.8 dport=25 dst_port=25 dst_int="dmz" service=smtp status=detected hostname="N/A" url="N/A" from="N/A" to="N/A" msg="data leak detected(Data Leak Prevention Rule matched: ip address banned)" rulename="All-Email-from-watch-sender" compoundname="N/A" action=ban severity=1 |
1: 2010-06-04 16:21:15 log_id=0954024576 type=dlp subtype=dlp
pri=warning vd="root" policyid=2 identidx=0 serial=109156 user="N/A"
group="N/A" src=10.112.0.10 sport=1911 src_port=1911 src_int="wan2"
dst=10.160.0.8 dport=25 dst_port=25 dst_int="dmz" service=smtp
status=detected hostname="N/A" url="N/A" from="N/A" to="N/A" msg="data
leak detected(Data Leak Prevention Rule matched)"
rulename="All-Email-from-watch-sender" compoundname="N/A" action=ban
sender severity=1 |
id cause src-ip-addr dst-ip-addr expires created dlp-proto 1 All-Email-from-watch-sender 10.112.0.10 Fri Jun 4 15:18:09 2010 Fri Jun 4 15:08:09 2010 SMTP |