FortiGate
FortiGate Next Generation Firewall utilizes purpose-built security processors and threat intelligence security services from FortiGuard labs to deliver top-rated protection and high performance, including encrypted traffic.
GGMACHAIN
Staff
Staff
Article Id 332428
Description

This article describes how to block CPF Brazil (SSN Social Security number) using the DLP feature. The steps below are the correct procedure for blocking any traffic that has a valid CPF number.

Scope FortiGate.
Solution
  1. Create a new 'Dictionary' in Security Profile -> Data Leak Prevention -> Dictionaries and select 'Create New'.

 

Use a pattern of type regex and add the following: \b\d{3}\.\d{3}\.\d{3}-\d{2}\bUse a pattern of type regex and add the following: \b\d{3}\.\d{3}\.\d{3}-\d{2}\b

 

 

  1. Create a new 'Sensor' in Security Profile -> Data Leak Prevention -> Sensor and select 'Create New'.

 Bind the 'Dictionary' created above to the sensorBind the 'Dictionary' created above to the sensor

 

 

  1. Create a DLP Profile using the 'Sensor' profile created in step 2 with action 'Block', Type 'Message', and protocol 'HTTP-POST'.

  

Bind the sensor created in the step above to the new rule created within the DLP profile.Bind the sensor created in the step above to the new rule created within the DLP profile.

 


Just select Ok and add this profile to the outgoing rule for the Internet.Just select Ok and add this profile to the outgoing rule for the Internet.

 

Note:

Use the DLP profile and policy in 'Proxy' mode and also enable 'deep-inspection' in the firewall policy.

 

Activate the deep-inspection profile in the outbound rule, some webfilter profile and the DLP profile created above.Activate the deep-inspection profile in the outbound rule, some webfilter profile and the DLP profile created above.

 

 

Don't forget to change the outgoing rule to "proxy" mode.Don't forget to change the outgoing rule to "proxy" mode.

 

To test whether the above configuration worked:

  • Find a valid CPF.
  • Open any website that validates CPF, examples of sites that validate CPF Brazil:

https://sso.acesso.gov.br/login

https://servicos.receita.fazenda.gov.br/Servicos/CPF/ConsultaSituacao/ConsultaPublica.asp

 

Blocking screen expected by the DLP profile for the end users.Blocking screen expected by the DLP profile for the end users.

Contributors