Description
This article describes how to fix an issue where the DLP fingerprint does not block sensitive files, by correctly configuring sensitivity in the DLP fingerprint database.
Scope
FortiGate.
Solution
DLP fingerprinting can be configured to detect sensitive files. For the DLP sensor to filter a file when it is uploaded, the file's sensitivity must be set via fp-doc-source.
FortiGate needs access to the file server to create a DLP fingerprint. Configure the document source as follows:
    config dlp fp-doc-source
        edit "test"
            set file-path "/fingerprint/upload/"
            set sensitivity "Critical"
        next
    end
In the example below, the sensitivity set under Fingerprints in the DLP profile is different from the one set in fp-doc-source. The file will not be blocked if the DLP profile has a different sensitivity.
    edit "test"
        set sensitivity "private"    <- It is different from the value in fp-doc-source.
        set action block
Afterwards, the sensitivity will show as zero. To check the fingerprint database, use the following command:
    FGT # diagnose test application dlpfingerprint 3
Make sure the sensitivity is the same on the DLP profile as it is in fp-doc-source.
    FGT # diagnose test application dlpfingerprint 3
    File DB:
    ---------------------------------------
    id, filename, vdom, archive, deleted, scanTime, docSourceSrvr, sensitivity, chunkCnt, reviseCnt,
    1, /fingerprint/upload/1.txt, root, 0, 0, 1494868196, 1, 2, 1, 0,
    2, /fingerprint/upload/30percentage.xls, root, 0, 0, 1356118250, 1, 2, 13, 0,
    3, /fingerprint/upload/50.pdf, root, 0, 0, 1356118250, 1, 2, 122, 0,
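The following Python sketch is an added example, not Fortinet code: it parses the File DB table in the format shown above and lists the files whose sensitivity column is 0, the symptom this article describes. It assumes the output is saved with one row per line; the function names are hypothetical and the sample rows marked as constructed are invented for illustration.

```python
# Constructed sample: row 1 is from the article; rows 2 and 3 are invented
# to show a zero sensitivity and a file name that contains a comma.
SAMPLE = """\
FGT # diagnose test application dlpfingerprint 3
File DB:
---------------------------------------
id, filename, vdom, archive, deleted, scanTime, docSourceSrvr, sensitivity, chunkCnt, reviseCnt,
1, /fingerprint/upload/1.txt, root, 0, 0, 1494868196, 1, 2, 1, 0,
2, /fingerprint/upload/q3,final.xls, root, 0, 0, 1356118250, 1, 0, 13, 0,
3, /fingerprint/upload/plan.pdf, root, 0, 0, 1356118250, 1, 2, 122, 0,
"""

TEXT_COLUMNS = ("filename", "vdom")  # every other column is an integer


def parse_file_db(text):
    """Return one dict per fingerprinted file listed in the File DB table."""
    columns, rows = None, []
    for line in text.splitlines():
        raw = line.strip().rstrip(",").split(",")
        first = raw[0].strip()
        if first == "id":                      # header row names the columns
            columns = [c.strip() for c in raw]
            continue
        if columns is None or not first.isdigit() or len(raw) < len(columns):
            continue                           # prompt, banner, blank line
        # A path may contain commas: the id is first, the last
        # len(columns) - 2 fields are fixed, the rest is the file name.
        tail = len(columns) - 2
        name = ",".join(raw[1:-tail]).strip()
        values = [first, name] + [f.strip() for f in raw[-tail:]]
        row = dict(zip(columns, values))
        for key in row:
            if key not in TEXT_COLUMNS:
                row[key] = int(row[key])
        rows.append(row)
    return rows


def zero_sensitivity(rows):
    """File names whose fingerprint entry shows sensitivity 0."""
    return [r["filename"] for r in rows if r["sensitivity"] == 0]


if __name__ == "__main__":
    for name in zero_sensitivity(parse_file_db(SAMPLE)):
        print("sensitivity 0, compare DLP profile with fp-doc-source:", name)
```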
If the sensitivity level change is not reflected after adjusting it from one level to another, try rebooting the device and checking again.
For full configuration steps, refer to the documentation.
Copyright 2024 Fortinet, Inc. All Rights Reserved.