I want to prevent client pcs from uploading/downloading attachments in Gmail.
The client pcs are behind a vanilla firewall policy with AV, Web Filter and IPS enabled. No Application Control is active on that policy and donâ€™t want to use Application Control in firewall policies.
The clients pcs run Forticlient 5.09 and are registered with the Fortigate (v5.0,build3608 GA Patch 7).
In the Application Control, I see that an Application exists for this specific purpose (â€œGmail_Attachmentâ€, nr. 16170 ), so I create a new sensor with a block â€œGmail_Attachmentâ€ before the 2 default sensors (monitor all other known and unknown applications).
In Endpoint Protection, I select a profile, turn on â€œApplication Firewallâ€ and select the sensor just created.
A few seconds later, my pc' s Forticlient notifies the reception of the configuration update, and also adds a new tab â€œApplication Firewallâ€. However, the tab only shows the ' OK for all known applications' , but no mention of the Gmail attachments' restriction.
Also, the uploading/downloading attachments in Gmail continues to work.
Is the above the correct procedure?
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.