Data Leak Prevention; Application Control; Logging - Fortinet FortiGate Series Install Manual

Data leak prevention

Data leak prevention

Application control

Logging

34
FortiGate data leak prevention enables you to stop sensitive data, such as credit card
information or social security numbers, from leaving your network. You can define
sensitive data patterns and data matching. These patterns will be blocked and/or logged
when passing through the FortiGate unit. The data leak prevention system is configured
by creating individual rules, combining the rules into a data leak prevention sensor which
you can then apply to a protection profile.
While its primary use is to prevent sensitive data from leaving your network, you can also
use the data leak prevention to prevent unwanted data from entering your network.
To configure a data leak prevention sensor and pattern, go to UTM > Data Leak
Prevention and select Rule and Sensor.
For details and configuration options for data leak prevention, see the
Administration Guide or the
Application control is a feature that enables your FortiGate unit to detect and take action
against network traffic depending on the application generating the traffic. Based on
intrusion protection protocol detectors, application control is a more user-friendly way to
use intrusion protection features to log and manage the behavior of application traffic
passing through the FortiGate unit. Application control uses IPS protocol decoders that
can analyze network traffic to detect application traffic even if the traffic uses non-standard
ports or protocols.
The FortiGate unit can recognize the network traffic generated by more than 70
applications. You can create application control lists that specify what action will be taken
with the traffic of the applications you need to manage.
To configure application control, go to UTM > Application Control > Control List.
For details and configuration options for application control see the
Administration Guide or the
Logging is an indirect method of protecting your network. The Fortinet unit's robust logging
features enable you to see the attacks, spam and virus activity is occurring on your
network. Using this information, you can then take the corrective action necessary to
resolve any problems before they become major problems.
With alert email, you can configure the Fortinet unit to send alert messages, when specific
events occur with specific frequency. By logging to a FortiAnalyzer unit, you can run over
400 reports on various network traffic.
To configure logging, go to Log&Report > Log Config.
For details and configuration options for the logging features and settings, see the
FortiGate Administration Guide
Fortinet Online Help.
Fortinet Online Help.
or the Fortinet Online
Advanced configuration
FortiGate
FortiGate
Help.
FortiGate Version 4.0 Desktop Install Guide
01-400-95522-20090501
http://docs.fortinet.com/ • Feedback