i make DLP sensor and map it with a policy to prevent download files large than 500M
after apply, user can not download small or large files
Please provide the output of your sensor from the CLI:
config dlp sensor
edit "Large-File"
config filter
edit 1
set name "Large-File-Filter"
set proto smtp pop3 imap http-get http-post mapi
set filter-by file-size
set file-size 51240
set action log-only
next
end
next
end
You can also watch to flows to get a better idea why it's failing:
diagnose debug reset
diagnose debug enable
diagnose debug flow show console enable
diagnose debug flow filter addr <source ip>
diagnose debug flow trace start 100
To stop the debug:
diagnose debug disable
diagnose debug reset
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.