FortiGate
FortiGate Next Generation Firewall utilizes purpose-built security processors and threat intelligence security services from FortiGuard labs to deliver top-rated protection and high performance, including encrypted traffic.
yangw
Staff
Staff
Article Id 232080
Description This article describes that FortiGate ICAP is integrated with Forcepoint DLP, but the parameter value of FortiGate ICAP X-Authenticated-User received by DLP is anonymous instead of the correct user name.
Scope FortiOS 7.2.
Solution

1) Disable the user anonymize setting under the log setting:


# config log setting
    set user-anonymize disable
end

 

2) Create ICAP header under the profile then the user name can be received/displayed based on the format in Forcepoint DLP.

 

# config icap-headers
    edit 1
        set name "X-Authenticated-User"
        set content "WinNT://$user"   <-----
        set base64-encoding enable  <-----
    next
end

Contributors