Description | This article describes how to block PDF files larger than a specific size to be uploaded or downloaded using DLP(Data Leak Prevention). |
Scope | FortiGate v7.2. |
Solution |
Data Leak Prevention is not enabled by default. It has to be enabled from the Feature Visibility under Settings. Once this is enabled, the DLP feature would be visible under Security Profiles.
1) The File-pattern for PDF has to be created first.
# config dlp filepattern edit 10 end
2) Configure the DLP Profile:
# config dlp profile set file-size 5000 <----- Specify the size in KB to be blocked
3) Add the DLP profile 'profile-case3_pdf' to the Policy:
# config firewall policy next end
To view the logs, go to Log & Report -> Security Events -> DLP.
Sample log for the above configuration: |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.