SlideShare une entreprise Scribd logo

Fortigate Firewall How to - DLP

IPMAX s.r.l.
IPMAX s.r.l.

In this lesson, we'll see how to configure DLP. Follow us!

Technologie
1  sur  7
Télécharger pour lire hors ligne
FORTIGATE FIREWALL HOW TO DLP www.ipmax.it
INTRODUCTION If you are working for an enterprise or your business requires confidentiality, you may need to implement countermeasures in order to prevent sensitive data to go outside your company. Fortigate feature that implements data confidentiality is called Data Leak Prevention (DLP). DLP scans outgoing traffic and blocks any sensitive data from leaving your network. In order to configure DLP, the feature must be enabled on the firewall. As all other Fortigate capabilities, DLP can be enabled without any ad hoc license. Go to System > Config > Features and enable both DLP and Multiple Security Profiles if they are not yet active.
CONFIGURING DLP As many other feature, the configuration foresees the creation of a sensor and its application to a firewall policy. Go to Security Profiles > Data Leak Prevention > File Filter. Select Create New to make a File Filter Table. Insert the table name and click OK; now we can insert new filters. Creating the filter we can chose the filter type (file name or file type). In the example at right side we have chosen «File Name Pattern», so we can insert the name or extension of a file we want to block.
CONFIGURING DLP - CONTINUED Filtering on file name or extension basis is a very simple method and exposes your network to data leaks in case users rename files. A more sophisticated method is filtering by file type. In this case, the Fortigate scans file content and recognizes its type also in case a user renames it. Now we have to associate the just created file filter to a new sensor. Go to Security Profiles > Data Leak Prevention > Sensors. Select the plus icon in the upper right corner of the window to create a new sensor.
CONFIGURING DLP - CONTINUED Select Create New to make a new filter and set the type to Files. Enable File Type included in and set it to your previously created file filter. Under Examine the following Services, select the services you wish to monitor with DLP. Finally set the Action to Block. Now the only thing to do is to associate the sensor to a firewall policy for the traffic going outside.
MORE NEEDS? See hints on www.ipmax.it Or email us your questions to info_ipmax@ipmax.it
IPMAX IPMAX is a Fortinet Partner in Italy. IPMAX is the ideal partner for companies seeking quality in products and services. IPMAX guarantees method and professionalism to support its customers in selecting technologies with the best quality / price ratio, in the design, installation, commissioning and operation. IPMAX srl Via Ponchielli, 4 20063 Cernusco sul Naviglio (MI) – Italy +39 02 9290 9171

Recommandé

Network Address Translation (NAT)
Network Address Translation (NAT)Network Address Translation (NAT)
Network Address Translation (NAT)
Joud Khattab
 
Network Troubleshooting
Network TroubleshootingNetwork Troubleshooting
Network Troubleshooting
Joy Sarker
 
Fortinet
FortinetFortinet
Fortinet
Petre-doru Dragus
 
Network Security - Fortinet, Dublin June 2017
Network Security - Fortinet, Dublin June 2017Network Security - Fortinet, Dublin June 2017
Network Security - Fortinet, Dublin June 2017
Novosco
 
Aruba 802.11n Networks Validated Reference Design
Aruba 802.11n Networks Validated Reference DesignAruba 802.11n Networks Validated Reference Design
Aruba 802.11n Networks Validated Reference Design
Aruba, a Hewlett Packard Enterprise company
 
5 reasons why you need a network monitoring tool
5 reasons why you need a network monitoring tool5 reasons why you need a network monitoring tool
5 reasons why you need a network monitoring tool
ManageEngine, Zoho Corporation
 
network monitoring system ppt
network monitoring system pptnetwork monitoring system ppt
network monitoring system ppt
ashutosh rai
 
Advanced RF Design & Troubleshooting
Advanced RF Design & TroubleshootingAdvanced RF Design & Troubleshooting
Advanced RF Design & Troubleshooting
Aruba, a Hewlett Packard Enterprise company
 

Recommandé

Network Address Translation (NAT)
Network Address Translation (NAT)Network Address Translation (NAT)
Network Address Translation (NAT)
Joud Khattab
 
Network Troubleshooting
Network TroubleshootingNetwork Troubleshooting
Network Troubleshooting
Joy Sarker
 
Fortinet
FortinetFortinet
Fortinet
Petre-doru Dragus
 
Network Security - Fortinet, Dublin June 2017
Network Security - Fortinet, Dublin June 2017Network Security - Fortinet, Dublin June 2017
Network Security - Fortinet, Dublin June 2017
Novosco
 
Aruba 802.11n Networks Validated Reference Design
Aruba 802.11n Networks Validated Reference DesignAruba 802.11n Networks Validated Reference Design
Aruba 802.11n Networks Validated Reference Design
Aruba, a Hewlett Packard Enterprise company
 
5 reasons why you need a network monitoring tool
5 reasons why you need a network monitoring tool5 reasons why you need a network monitoring tool
5 reasons why you need a network monitoring tool
ManageEngine, Zoho Corporation
 
network monitoring system ppt
network monitoring system pptnetwork monitoring system ppt
network monitoring system ppt
ashutosh rai
 
Advanced RF Design & Troubleshooting
Advanced RF Design & TroubleshootingAdvanced RF Design & Troubleshooting
Advanced RF Design & Troubleshooting
Aruba, a Hewlett Packard Enterprise company
 
Internet architecture protocol
Internet architecture protocolInternet architecture protocol
Internet architecture protocol
GLIM Digital
 
Mcsa certification 410
Mcsa certification 410Mcsa certification 410
Mcsa certification 410
Information Technology
 
Switch Cisco Catalyst 9300 Datasheet (2022).pdf
Switch Cisco Catalyst 9300 Datasheet (2022).pdfSwitch Cisco Catalyst 9300 Datasheet (2022).pdf
Switch Cisco Catalyst 9300 Datasheet (2022).pdf
SAM Romania
 
FortiGate Firewall How-To: WEB Filtering
FortiGate Firewall How-To: WEB FilteringFortiGate Firewall How-To: WEB Filtering
FortiGate Firewall How-To: WEB Filtering
IPMAX s.r.l.
 
Ip address and subnetting
Ip address and subnettingIp address and subnetting
Ip address and subnetting
IGZ Software house
 
Computer Networking 101
Computer Networking 101Computer Networking 101
Computer Networking 101
Sameer Mahajan
 
Network Troubleshooting - Part 1
Network Troubleshooting - Part 1Network Troubleshooting - Part 1
Network Troubleshooting - Part 1
SolarWinds
 
802.11r Explained.
802.11r Explained. 802.11r Explained.
802.11r Explained.
Ajay Gupta
 
Domain Controller.pptx
Domain Controller.pptxDomain Controller.pptx
Domain Controller.pptx
ENTERTAINMENTHASNOEN
 
Computer networks chapter1
Computer networks chapter1Computer networks chapter1
Computer networks chapter1
kirankumar boidhapu
 
Implementación de un servidor PROXY.
Implementación de un servidor PROXY.Implementación de un servidor PROXY.
Implementación de un servidor PROXY.
Alfredo Humberto Escalante Godinez
 
OSPF v3
OSPF v3OSPF v3
OSPF v3
Irsandi Hasan
 
What is Network Address Translation (NAT)
What is Network Address Translation (NAT)What is Network Address Translation (NAT)
What is Network Address Translation (NAT)
Amit Kumar , Jaipur Engineers
 
DHCP
DHCPDHCP
DHCP
Kashif Latif
 
Subnetting
SubnettingSubnetting
Subnetting
selvakumar_b1985
 
Subnet Mask
Subnet MaskSubnet Mask
Subnet Mask
NetProtocol Xpert
 
Network testing and debugging
Network testing and debuggingNetwork testing and debugging
Network testing and debugging
SADEED AMEEN
 
Nat presentation
Nat presentationNat presentation
Nat presentation
hassoon3
 
Ch06 Wireless Network Security
Ch06 Wireless Network SecurityCh06 Wireless Network Security
Ch06 Wireless Network Security
Information Technology
 
Nat pat
Nat patNat pat
Nat pat
CYBERINTELLIGENTS
 
Fortigate Training
Fortigate TrainingFortigate Training
Fortigate Training
NCS Computech Ltd.
 
MicrosoftのOSSへの取り組み
MicrosoftのOSSへの取り組みMicrosoftのOSSへの取り組み
MicrosoftのOSSへの取り組み
Shinichiro Arai
 

Contenu connexe

Tendances

Internet architecture protocol
Internet architecture protocolInternet architecture protocol
Internet architecture protocol
GLIM Digital
 
Ch06 Wireless Network Security
Ch06 Wireless Network SecurityCh06 Wireless Network Security
Ch06 Wireless Network Security
Information Technology
 

Tendances (20)

Internet architecture protocol
Internet architecture protocolInternet architecture protocol
Internet architecture protocol
 
Mcsa certification 410
Mcsa certification 410Mcsa certification 410
Mcsa certification 410
 
Switch Cisco Catalyst 9300 Datasheet (2022).pdf
Switch Cisco Catalyst 9300 Datasheet (2022).pdfSwitch Cisco Catalyst 9300 Datasheet (2022).pdf
Switch Cisco Catalyst 9300 Datasheet (2022).pdf
 
FortiGate Firewall How-To: WEB Filtering
FortiGate Firewall How-To: WEB FilteringFortiGate Firewall How-To: WEB Filtering
FortiGate Firewall How-To: WEB Filtering
 
Ip address and subnetting
Ip address and subnettingIp address and subnetting
Ip address and subnetting
 
Computer Networking 101
Computer Networking 101Computer Networking 101
Computer Networking 101
 
Network Troubleshooting - Part 1
Network Troubleshooting - Part 1Network Troubleshooting - Part 1
Network Troubleshooting - Part 1
 
802.11r Explained.
802.11r Explained. 802.11r Explained.
802.11r Explained.
 
Domain Controller.pptx
Domain Controller.pptxDomain Controller.pptx
Domain Controller.pptx
 
Computer networks chapter1
Computer networks chapter1Computer networks chapter1
Computer networks chapter1
 
Implementación de un servidor PROXY.
Implementación de un servidor PROXY.Implementación de un servidor PROXY.
Implementación de un servidor PROXY.
 
OSPF v3
OSPF v3OSPF v3
OSPF v3
 
What is Network Address Translation (NAT)
What is Network Address Translation (NAT)What is Network Address Translation (NAT)
What is Network Address Translation (NAT)
 
DHCP
DHCPDHCP
DHCP
 
Subnetting
SubnettingSubnetting
Subnetting
 
Subnet Mask
Subnet MaskSubnet Mask
Subnet Mask
 
Network testing and debugging
Network testing and debuggingNetwork testing and debugging
Network testing and debugging
 
Nat presentation
Nat presentationNat presentation
Nat presentation
 
Ch06 Wireless Network Security
Ch06 Wireless Network SecurityCh06 Wireless Network Security
Ch06 Wireless Network Security
 
Nat pat
Nat patNat pat
Nat pat
 

En vedette

Assistive Technology Presentation
Assistive Technology PresentationAssistive Technology Presentation
Assistive Technology Presentation
Michelle Allen
 
NORMAS AASHTO2007 SECCIÓN2 DEFINICIONES
NORMAS AASHTO2007 SECCIÓN2 DEFINICIONESNORMAS AASHTO2007 SECCIÓN2 DEFINICIONES
NORMAS AASHTO2007 SECCIÓN2 DEFINICIONES
pablosantosfreire
 
El galante. TIC
El galante. TICEl galante. TIC
El galante. TIC
El Galante
 
Automobile company centralizes master data management for improved efficiency
Automobile company centralizes master data management for improved efficiencyAutomobile company centralizes master data management for improved efficiency
Automobile company centralizes master data management for improved efficiency
Capgemini
 
Curriculum Vitae_Cramer 01132016
Curriculum Vitae_Cramer 01132016Curriculum Vitae_Cramer 01132016
Curriculum Vitae_Cramer 01132016
Joel Cramer
 
Revista az disputa por la educacion
Revista az disputa por la educacionRevista az disputa por la educacion
Revista az disputa por la educacion
Lina Salvador
 

En vedette (20)

Fortigate Training
Fortigate TrainingFortigate Training
Fortigate Training
 
MicrosoftのOSSへの取り組み
MicrosoftのOSSへの取り組みMicrosoftのOSSへの取り組み
MicrosoftのOSSへの取り組み
 
スタートアップがスマホアプリゲームをAzureのサービスで運用した話
スタートアップがスマホアプリゲームをAzureのサービスで運用した話スタートアップがスマホアプリゲームをAzureのサービスで運用した話
スタートアップがスマホアプリゲームをAzureのサービスで運用した話
 
【FORTINET様】第3回SoftLayer勉強会資料
【FORTINET様】第3回SoftLayer勉強会資料【FORTINET様】第3回SoftLayer勉強会資料
【FORTINET様】第3回SoftLayer勉強会資料
 
Tutti pronti per Windows 10?
Tutti pronti per Windows 10?Tutti pronti per Windows 10?
Tutti pronti per Windows 10?
 
Assistive Technology Presentation
Assistive Technology PresentationAssistive Technology Presentation
Assistive Technology Presentation
 
VDI Performance of PRIMERGY S7 Server Generation
VDI Performance of PRIMERGY S7 Server GenerationVDI Performance of PRIMERGY S7 Server Generation
VDI Performance of PRIMERGY S7 Server Generation
 
NORMAS AASHTO2007 SECCIÓN2 DEFINICIONES
NORMAS AASHTO2007 SECCIÓN2 DEFINICIONESNORMAS AASHTO2007 SECCIÓN2 DEFINICIONES
NORMAS AASHTO2007 SECCIÓN2 DEFINICIONES
 
El galante. TIC
El galante. TICEl galante. TIC
El galante. TIC
 
Delio Live Help Tool "Software marketing y Ventas"- by Walmeric
Delio Live Help Tool "Software marketing y Ventas"- by Walmeric Delio Live Help Tool "Software marketing y Ventas"- by Walmeric
Delio Live Help Tool "Software marketing y Ventas"- by Walmeric
 
Bauerngarten No.1 Laurustico
Bauerngarten No.1 LaurusticoBauerngarten No.1 Laurustico
Bauerngarten No.1 Laurustico
 
La citazione in giudizio verso Mercedes
La citazione in giudizio verso MercedesLa citazione in giudizio verso Mercedes
La citazione in giudizio verso Mercedes
 
Ved
VedVed
Ved
 
metodos de fenotipificacion
metodos de fenotipificacionmetodos de fenotipificacion
metodos de fenotipificacion
 
4 g lte vs wimax,
4 g lte vs wimax,4 g lte vs wimax,
4 g lte vs wimax,
 
Presentacion industrias racionero
Presentacion industrias racioneroPresentacion industrias racionero
Presentacion industrias racionero
 
Automobile company centralizes master data management for improved efficiency
Automobile company centralizes master data management for improved efficiencyAutomobile company centralizes master data management for improved efficiency
Automobile company centralizes master data management for improved efficiency
 
Curriculum Vitae_Cramer 01132016
Curriculum Vitae_Cramer 01132016Curriculum Vitae_Cramer 01132016
Curriculum Vitae_Cramer 01132016
 
Revista az disputa por la educacion
Revista az disputa por la educacionRevista az disputa por la educacion
Revista az disputa por la educacion
 
Lean outlook
Lean outlookLean outlook
Lean outlook
 

Similaire à Fortigate Firewall How to - DLP

10 cosas que un firewall debería hacer
10 cosas que un firewall debería hacer10 cosas que un firewall debería hacer
10 cosas que un firewall debería hacer
aloscocco
 
Installing R H E L 5
Installing R H E L 5Installing R H E L 5
Installing R H E L 5
monywa
 
Eu gdpr technical workflow and productionalization neccessary w privacy ass...
Eu gdpr technical workflow and productionalization neccessary w privacy ass...Eu gdpr technical workflow and productionalization neccessary w privacy ass...
Eu gdpr technical workflow and productionalization neccessary w privacy ass...
Steven Meister
 

Similaire à Fortigate Firewall How to - DLP (20)

Explore Top Data Loss Prevention Tools | Fortify with DLP Software
Explore Top Data Loss Prevention Tools | Fortify with DLP SoftwareExplore Top Data Loss Prevention Tools | Fortify with DLP Software
Explore Top Data Loss Prevention Tools | Fortify with DLP Software
 
Seclore FileSecure IBM Filenet Walkthrough
Seclore FileSecure IBM Filenet WalkthroughSeclore FileSecure IBM Filenet Walkthrough
Seclore FileSecure IBM Filenet Walkthrough
 
Dlp Methodology
Dlp MethodologyDlp Methodology
Dlp Methodology
 
Scanning & Password Protecting Docs
Scanning & Password Protecting DocsScanning & Password Protecting Docs
Scanning & Password Protecting Docs
 
Data Loss Prevention (DLP) - Fundamental Concept - Eryk
Data Loss Prevention (DLP) - Fundamental Concept - ErykData Loss Prevention (DLP) - Fundamental Concept - Eryk
Data Loss Prevention (DLP) - Fundamental Concept - Eryk
 
10 cosas que un firewall debería hacer
10 cosas que un firewall debería hacer10 cosas que un firewall debería hacer
10 cosas que un firewall debería hacer
 
Seclore File Secure Introduction Brief
Seclore File Secure Introduction BriefSeclore File Secure Introduction Brief
Seclore File Secure Introduction Brief
 
IRJET- Data Leak Prevention System: A Survey
IRJET- Data Leak Prevention System: A SurveyIRJET- Data Leak Prevention System: A Survey
IRJET- Data Leak Prevention System: A Survey
 
Data Lost Prevention (DLP).pdf
Data Lost Prevention (DLP).pdfData Lost Prevention (DLP).pdf
Data Lost Prevention (DLP).pdf
 
White paper clape
White paper clapeWhite paper clape
White paper clape
 
18 Tips for Data Classification - Data Sheet by Secure Islands
18 Tips for Data Classification - Data Sheet by Secure Islands18 Tips for Data Classification - Data Sheet by Secure Islands
18 Tips for Data Classification - Data Sheet by Secure Islands
 
DLP Solutions Protection | Seclore
DLP Solutions Protection | SecloreDLP Solutions Protection | Seclore
DLP Solutions Protection | Seclore
 
Brochure forcepoint dlp_en
Brochure forcepoint dlp_enBrochure forcepoint dlp_en
Brochure forcepoint dlp_en
 
Microsoft 365 | Modern workplace
Microsoft 365 | Modern workplaceMicrosoft 365 | Modern workplace
Microsoft 365 | Modern workplace
 
Installing R H E L 5
Installing R H E L 5Installing R H E L 5
Installing R H E L 5
 
Eu gdpr technical workflow and productionalization neccessary w privacy ass...
Eu gdpr technical workflow and productionalization neccessary w privacy ass...Eu gdpr technical workflow and productionalization neccessary w privacy ass...
Eu gdpr technical workflow and productionalization neccessary w privacy ass...
 
Azure Data Loss Prevention
Azure Data Loss PreventionAzure Data Loss Prevention
Azure Data Loss Prevention
 
Seclore FileSecure HotFolder Walkthrough
Seclore FileSecure HotFolder WalkthroughSeclore FileSecure HotFolder Walkthrough
Seclore FileSecure HotFolder Walkthrough
 
Mazenet Technologies-Tally
Mazenet Technologies-TallyMazenet Technologies-Tally
Mazenet Technologies-Tally
 
Storage Made Easy solution to fragmented data
Storage Made Easy solution to fragmented dataStorage Made Easy solution to fragmented data
Storage Made Easy solution to fragmented data
 

Plus de IPMAX s.r.l.

Plus de IPMAX s.r.l. (10)

Cisco Switch How To - Secure a Switch Port
Cisco Switch How To - Secure a Switch PortCisco Switch How To - Secure a Switch Port
Cisco Switch How To - Secure a Switch Port
 
Huawei ARG3 Router How To - Troubleshooting OSPF: Netmask mismatch
Huawei ARG3 Router How To - Troubleshooting OSPF: Netmask mismatchHuawei ARG3 Router How To - Troubleshooting OSPF: Netmask mismatch
Huawei ARG3 Router How To - Troubleshooting OSPF: Netmask mismatch
 
Huawei ARG3 Router How To - Troubleshooting OSPF: Router ID Confusion
Huawei ARG3 Router How To - Troubleshooting OSPF: Router ID ConfusionHuawei ARG3 Router How To - Troubleshooting OSPF: Router ID Confusion
Huawei ARG3 Router How To - Troubleshooting OSPF: Router ID Confusion
 
Huawei Switch S5700 How To - Configuring single-tag vlan mapping
Huawei Switch S5700 How To - Configuring single-tag vlan mappingHuawei Switch S5700 How To - Configuring single-tag vlan mapping
Huawei Switch S5700 How To - Configuring single-tag vlan mapping
 
Huawei SAN Storage How To - Configuring the i-SCSI Communication Protocol
Huawei SAN Storage How To - Configuring the i-SCSI Communication ProtocolHuawei SAN Storage How To - Configuring the i-SCSI Communication Protocol
Huawei SAN Storage How To - Configuring the i-SCSI Communication Protocol
 
Huawei SAN Storage How To - ISM management application setup
Huawei SAN Storage How To - ISM management application setupHuawei SAN Storage How To - ISM management application setup
Huawei SAN Storage How To - ISM management application setup
 
Huawei SAN Storage How To - Assigning Management IP Address
Huawei SAN Storage How To - Assigning Management IP AddressHuawei SAN Storage How To - Assigning Management IP Address
Huawei SAN Storage How To - Assigning Management IP Address
 
Huawei Switch How To - Configuring a basic DHCP server
Huawei Switch How To - Configuring a basic DHCP serverHuawei Switch How To - Configuring a basic DHCP server
Huawei Switch How To - Configuring a basic DHCP server
 
HUAWEI Switch HOW-TO - Configuring link aggregation in static LACP mode
HUAWEI Switch HOW-TO - Configuring link aggregation in static LACP modeHUAWEI Switch HOW-TO - Configuring link aggregation in static LACP mode
HUAWEI Switch HOW-TO - Configuring link aggregation in static LACP mode
 
FortiGate Firewall HOW-TO - DMZ
FortiGate Firewall HOW-TO - DMZFortiGate Firewall HOW-TO - DMZ
FortiGate Firewall HOW-TO - DMZ
 

Dernier

Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Drew Madelung
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
Delhi Call girls
 
Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivity
Principled Technologies
 
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdfUnderstanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
UK Journal
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc
 
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfThe Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
Enterprise Knowledge
 
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptxEIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
Earley Information Science
 
IAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsIAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI Solutions
Enterprise Knowledge
 

Dernier (20)

Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024
 
What Are The Drone Anti-jamming Systems Technology?
What Are The Drone Anti-jamming Systems Technology?What Are The Drone Anti-jamming Systems Technology?
What Are The Drone Anti-jamming Systems Technology?
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
 
presentation ICT roal in 21st century education
presentation ICT roal in 21st century educationpresentation ICT roal in 21st century education
presentation ICT roal in 21st century education
 
Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivity
 
Partners Life - Insurer Innovation Award 2024
Partners Life - Insurer Innovation Award 2024Partners Life - Insurer Innovation Award 2024
Partners Life - Insurer Innovation Award 2024
 
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdfUnderstanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organization
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024
 
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
 
2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
 
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfThe Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
 
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
 
🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘
 
Boost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfBoost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdf
 
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptxEIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
IAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsIAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI Solutions
 

Fortigate Firewall How to - DLP

  • 1. FORTIGATE FIREWALL HOW TO DLP www.ipmax.it
  • 2. INTRODUCTION If you are working for an enterprise or your business requires confidentiality, you may need to implement countermeasures in order to prevent sensitive data to go outside your company. Fortigate feature that implements data confidentiality is called Data Leak Prevention (DLP). DLP scans outgoing traffic and blocks any sensitive data from leaving your network. In order to configure DLP, the feature must be enabled on the firewall. As all other Fortigate capabilities, DLP can be enabled without any ad hoc license. Go to System > Config > Features and enable both DLP and Multiple Security Profiles if they are not yet active.
  • 3. CONFIGURING DLP As many other feature, the configuration foresees the creation of a sensor and its application to a firewall policy. Go to Security Profiles > Data Leak Prevention > File Filter. Select Create New to make a File Filter Table. Insert the table name and click OK; now we can insert new filters. Creating the filter we can chose the filter type (file name or file type). In the example at right side we have chosen «File Name Pattern», so we can insert the name or extension of a file we want to block.
  • 4. CONFIGURING DLP - CONTINUED Filtering on file name or extension basis is a very simple method and exposes your network to data leaks in case users rename files. A more sophisticated method is filtering by file type. In this case, the Fortigate scans file content and recognizes its type also in case a user renames it. Now we have to associate the just created file filter to a new sensor. Go to Security Profiles > Data Leak Prevention > Sensors. Select the plus icon in the upper right corner of the window to create a new sensor.
  • 5. CONFIGURING DLP - CONTINUED Select Create New to make a new filter and set the type to Files. Enable File Type included in and set it to your previously created file filter. Under Examine the following Services, select the services you wish to monitor with DLP. Finally set the Action to Block. Now the only thing to do is to associate the sensor to a firewall policy for the traffic going outside.
  • 6. MORE NEEDS? See hints on www.ipmax.it Or email us your questions to info_ipmax@ipmax.it
  • 7. IPMAX IPMAX is a Fortinet Partner in Italy. IPMAX is the ideal partner for companies seeking quality in products and services. IPMAX guarantees method and professionalism to support its customers in selecting technologies with the best quality / price ratio, in the design, installation, commissioning and operation. IPMAX srl Via Ponchielli, 4 20063 Cernusco sul Naviglio (MI) – Italy +39 02 9290 9171