I want to prevent client pcs from uploading/downloading attachments in Gmail.
The client pcs are behind a vanilla firewall policy with AV, Web Filter and IPS enabled. No Application Control is active on that policy and donâ€™t want to use Application Control in firewall policies.
The clients pcs run Forticlient 5.09 and are registered with the Fortigate (v5.0,build3608 GA Patch 7).
In the Application Control, I see that an Application exists for this specific purpose (â€œGmail_Attachmentâ€, nr. 16170 ), so I create a new sensor with a block â€œGmail_Attachmentâ€ before the 2 default sensors (monitor all other known and unknown applications).
In Endpoint Protection, I select a profile, turn on â€œApplication Firewallâ€ and select the sensor just created.
A few seconds later, my pc' s Forticlient notifies the reception of the configuration update, and also adds a new tab â€œApplication Firewallâ€. However, the tab only shows the ' OK for all known applications' , but no mention of the Gmail attachments' restriction.
Also, the uploading/downloading attachments in Gmail continues to work.
Is the above the correct procedure?