Help
Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
Dipen
New Contributor III

Created on ‎09-06-2014 11:47 PM

DLP with HTTPS

We have created a DLP Filter to block EXE Files. It is working with HTTP Sites however download of exe' s still happening from HTTPS Sites. Same issue like WebFilter.

Ahead of the Threat. FCNSA v5 / FCNSP v5

Fortigate 1000C / 1000D / 1500D

 

Ahead of the Threat. FCNSA v5 / FCNSP v5 Fortigate 1000C / 1000D / 1500D
14965
0 Kudos
15 REPLIES 15
cdiaz
New Contributor

Created on ‎10-21-2014 11:57 PM

Hi, here you are:

 

#config-version=FGT60D-5.00-FW-build271-140410

 

 

2128
0 Kudos
Adrian_Buckley_FTNT
Staff
Staff

Created on ‎10-23-2014 11:37 AM

Others have already asked (and havn't answered) Your SSL/SSH Profile is set to Full SSL Inspection?

 

Certificate inspection will still allow for Web filtering through the use of the SNI.

It will not allow for any kind of content inspection

 

Preview file
9 KB
2127
0 Kudos
cdiaz
New Contributor

Created on ‎10-24-2014 12:03 AM

Can you put it from CLI? I have noticed that it is not always shown on GUI same options from differents FG series. On my FG-Tester I can't find what you say, even it is in the same OS version

 

2128
0 Kudos
Adeel
New Contributor

Created on ‎12-09-2014 09:18 PM

Dear Fellows ,

 

I have seen all above post I would like to ask you how to configure DLP for https enable website I mean if whoever want to try to upload company data on https enable website then fortigate generate the logs well i have tried with SSL DEEP INSPECTION but it does not work please assist me what should i do ? Normal http websites are working fine .

 

-Fortigate 100D version 5

2127
0 Kudos
Adrian_Buckley_FTNT
Staff
Staff

Created on ‎12-10-2014 07:27 AM

The FortiGate 100D supports SSL Deep inspection.  So for starters you will need to enable that.  Have you done so?

 

Also, Firmware version 5 is not specific enough.  What MR and patch?

2127
0 Kudos
Adeel
New Contributor

Created on ‎12-10-2014 10:42 PM

Dear Adrian ,

 

Thank you for reply mentioned below is fortigate system status if this is supported please send me the configuration steps for https with DLP basically my task is if anyone try to upload any kind of company file like word,pdf and xls etc it should be monitored kindly send me step by step configuration steps thank you.

 

Fortigate $ get system status

Version: FortiGate-100D v5.0,build0271,140124 (GA Patch 6)

Virus-DB: 23.00365(2014-12-10 12:11)

Extended DB: 21.00575(2014-02-04 20:03)

IPS-DB: 5.00583(2014-12-09 00:55)

IPS-ETDB: 0.00000(2001-01-01 00:00)

Serial-Number: FG100D

Botnet DB: 1.00379(2014-02-05 10:45)

BIOS version: 04000030

xxxxxxxxxxxx

Log hard disk: Available

Internal Switch mode: interface

Hostname: fortigate

Operation Mode: NAT

Current virtual domain: Browse

Max number of virtual domains: 10

Virtual domains status: 2 in NAT mode, 2 in TP mode

Virtual domain configuration: enable

FIPS-CC mode: disable

Current HA mode: a-p, master

Branch point: 271

Release Version Information: GA Patch 6

FortiOS x86-64: Yes

System time: Thu Dec 11 10:31:18 2014

2127
0 Kudos
Labels
Top Kudoed Authors
View all
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2024 Fortinet, Inc. All Rights Reserved.