FortiGate
FortiGate Next Generation Firewall utilizes purpose-built security processors and threat intelligence security services from FortiGuard labs to deliver top-rated protection and high performance, including encrypted traffic.
yangw
Staff
Staff
Description This article describes that FortiGate ICAP is integrated with Forcepoint DLP, but the parameter value of FortiGate ICAP X-Authenticated-User received by DLP is anonymous instead of the correct user name.
Scope FortiOS 7.2.
Solution

1) Disable the user anonymize setting under the log setting:


# config log setting
    set user-anonymize disable
end

 

2) Create ICAP header under the profile then the user name can be received/displayed based on the format in Forcepoint DLP.

 

# config icap-headers
    edit 1
        set name "X-Authenticated-User"
        set content "WinNT://$user"   <-----
        set base64-encoding enable  <-----
    next
end

Contributors