Data Leak Prevention; Dlp Sensors; Viewing The Dlp Sensor List - Fortinet FortiGate Series Administration Manual

Hide thumbs Also See for FortiGate Series:

Table of Contents

Data Leak Prevention

FortiGate Version 4.0 MR1 Administration Guide

01-410-89802-20090903

http://docs.fortinet.com/

You can use the FortiGate Data Leak Prevention (DLP) system to prevent sensitive data

from leaving or entering your network. You can define sensitive data patterns, and data

matching these patterns will be blocked and/or logged or archived when passing through

the FortiGate unit. The DLP system is configured by creating individual rules, combining

the rules into DLP sensors, and then assigning a sensor to a protection profile.

Although the primary use of the DLP feature is to stop sensitive data from leaving your

network, it can also be used to prevent unwanted data from entering your network and to

archive some or all of the content passing through the FortiGate unit.

This section provides an introduction to configuring DLP. For more information see the

FortiGate UTM User

If you enable virtual domains (VDOMs) on the Fortinet unit, data leak prevention is

configured separately for each virtual domain. For details, see

The section describes:

DLP archiving

DLP Compound Rules

DLP sensors are simply collections of DLP rules and DLP compound rules. The DLP

sensor also includes settings such as action, archive, and severity for each rule or

compound rule. Once a DLP sensor is configured, it can be specified in a protection

profile. Any traffic handled by the policy in which the protection profile is specified will

enforce the DLP sensor configuration.

To view the available DLP sensors, go to UTM > Data Leak Prevention > Sensor.

Figure 357: DLP sensor list

"Using virtual domains" on