FortiGate Next Generation Firewall utilizes purpose-built security processors and threat intelligence security services from FortiGuard labs to deliver top-rated protection and high performance, including encrypted traffic.
This article describes that FortiGate ICAP is integrated with Forcepoint DLP, but the parameter value of FortiGate ICAP X-Authenticated-User received by DLP is anonymous instead of the correct user name.
1) Disable the user anonymize setting under the log setting:
# config log setting set user-anonymize disable end
2) Create ICAP header under the profile then the user name can be received/displayed based on the format in Forcepoint DLP.
# config icap-headers edit 1 set name "X-Authenticated-User" set content "WinNT://$user" <----- set base64-encoding enable <----- next end
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.