Technical Tip: Block the source code file like jav...

FortiGate

FortiGate Next Generation Firewall utilizes purpose-built security processors and threat intelligence security services from FortiGuard labs to deliver top-rated protection and high performance, including encrypted traffic.

Article Id 367619

Description

This article describes the steps to follow to configure the DLP on FortiGate to block the source code using FortiGuard DLP sensors and dictionaries.

Scope

FortiGate.

Solution

FortiGuard DLP sensor is a licensed feature that is available from v 7.4.x. Confirm if FortiGate has the DLP license:

Enable the 'dldb' in FortiGate's FortiGuard settings if it is disabled. It is enabled by default.
After enabling, verify the status of the DLP signature database from FortiGuard Updates by running the following command:

diagnose autoupdate versions | grep -A6 DLP

DLP Signatures
---------
Version: 1.00010
Contract Expiry Date: Thu Nov 20 2025
Last Updated using manual update on Wed Jan 1 10:50:19 2025
Last Update Attempt: Sat Jan 4 12:15:05 2025
Result: No Updates
Create a DLP security profile using the FortiGuard DLP sensors 'fg-source_code' as shown below
the example.

Example:

DLP profile for blocking source codes like Java, Python, C, and Powershell files.
Use this profile for the firewall policy.

Note:

'fg-source_code' sensors are pushed by the FortiGuard to the FortiGate.

If the FortiGuard sensor and dictionaries are not visible on FortiGate refer to the below article for troubleshooting: Technical Tip: FortiGuard DLP sensors and dictionaries are not populating on FortiGate.

634

Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Technical Tip: Block the source code file like java, python, C, Powershell using FortiGuard DLP sensors

You are leaving our website