Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
New Contributor

Fortigate DLP File Size Blocking



I have a Fortigate 40F running v7.2.2 and I am trying to configure a DLP profile to block downloads of files 100MB or larger.  This profile is applied to a proxy policy.


I've been testing the profile with various sizes of downloads and it doesn't appear to be blocking the download correctly.  I got some downloads blocked but the size-file value doesn't seem to be right, it's set in kB but doesn't seem to relate to the actual file size.  Below is the profile config


config dlp profile
edit "Block100"
set feature-set proxy
config rule
edit 1
set name "Block100MB"
set proto smtp pop3 http-get http-post ftp nntp cifs
set file-size 102400
set action block


I've been testing different file-size values and it doesn't seem to work correctly.  The value is kB, so 102400 should block anything above 100Mb, however it isn't.


Is there any config I've missed?  Alternatively is there any other way of blocking downloads of files of a certain size in v7.2.2?





Hi J, do you have SSL deep-inspection applied to the firewall policy? I am guessing most likely almost all sites are encrypted and running on HTTPS, so therefore it will not works without deep-inspection? 

New Contributor


Yes deep inspection is applied.


Actually I think I've found a solution to this, creating Protocol Options profiles (Policy & Objects > Protocol Options) and in there you can configure the threshold for blocking oversize files and emails.  I need to test this out though.


Not sure whether this has an impact on the size of files that will be scanned by av though, which is 10mb by default I believe.


Select Forum Responses to become Knowledge Articles!

Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.

Top Kudoed Authors