I have a Fortigate 40F running v7.2.2 and I am trying to configure a DLP profile to block downloads of files 100MB or larger. This profile is applied to a proxy policy.
I've been testing the profile with various sizes of downloads and it doesn't appear to be blocking the download correctly. I got some downloads blocked but the size-file value doesn't seem to be right, it's set in kB but doesn't seem to relate to the actual file size. Below is the profile config
config dlp profile
set feature-set proxy
set name "Block100MB"
set proto smtp pop3 http-get http-post ftp nntp cifs
set file-size 102400
set action block
I've been testing different file-size values and it doesn't seem to work correctly. The value is kB, so 102400 should block anything above 100Mb, however it isn't.
Is there any config I've missed? Alternatively is there any other way of blocking downloads of files of a certain size in v7.2.2?