Enable data leak prevention
DLP examines your network traffic for data patterns you specify. The FortiGate unit then performs an action based on the which pattern is found and a configuration set for each filter trigger.
DLP can only be configured for FortiGate's in proxy-based inspection.
General configuration steps
Follow the configuration procedures in the order given. Also, note that if you perform any additional actions between procedures, your configuration may have different results.
- Create a DLP sensor.
New DLP sensors are empty. You must create one or more filters in a sensor before it can examine network traffic.
- Add one or more filters to the DLP sensor.
Each filter searches for a specific data pattern. When a pattern in the active DLP sensor appears in the traffic, the FortiGate unit takes the action configured in the matching filter. Because the order of filters within a sensor cannot be changed, you must configure DLP in sequence.
- Add the DLP sensor to one or more firewall policies that control the traffic to be examined.