Hi,
We are using Fortigate 300c. Currently, users can copy data from the system they are connecting from (home computer) to the system they are connecting to (corporate system) and vice versa. Is it possible to disable this functionality for specific users or portals (including clipboard)?
I am sure but I heard there was also another feature that creates a temporary workspace and clears the same when VPN is disconnected. How does that work and will that help here (if it is present)?
I am trying to prevent possible malware transfer and DLP with this method.
Thanks in advance.
Of course, you seem to have NO service filtering in your SSL Policy
Just set it up & users can only connect to what you allow them to
Thanks for the response scerazy. From our end we have enabled only RDP. The user is still able to copy files to and from the connected system and the host system. The Fortigate version we are using is 5.2.6.
Then there must be some OTHER policy that allows it!
This policy (as you see above) allows ONLY the specified service! - there is no magic to it
But what do you mean copy? Using Windows Explorer OR RDP mapped drives?
If the latter, then disable this functionality!
Seb
Check via cli cmd "diag debug flow" to find the fwpolicy that allows for the unintended function and then 1> modify it or 2> add a correct fwpolicy.
PCNSE
NSE
StrongSwan
It doesn't sound like a firewall issue. I would suggest to review the group policies, especially 'device and resource redirection' capabilities: https://technet.microsoft.com/en-us/library/ee791756%28v=ws.10%29.aspx
Block copy paste from RDP server
--------------------------------------------
If all else fails, use the force !
As jklapas stated, this is a Windows issue. Files are copied and pasted over the RDP protocol, so unless there is some granular sniffing of the traffic, there is likely no way the Fortigate will ever know what is being transferred over the connection.
Bob - self proclaimed posting junkie!
See my Fortigate related scripts at: http://fortigate.camerabob.com
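The group policy route suggested in the replies above, as an added example that is not part of the original thread: a PowerShell script for the RDP host (the corporate system) that reports the clipboard and drive redirection policy values and, with the assumed `-Enforce` switch, sets them. The script, its switch and its function name are illustrative; the registry value names are the ones behind the "Device and Resource Redirection" policies.

```powershell
# Added example: audit, and optionally enforce, the RDP redirection policies
# discussed in this thread. Run in an elevated session on the RDP host.
param([switch]$Enforce)   # hypothetical switch: write the values instead of only reporting

$PolicyKey = 'HKLM:\SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services'

# Registry value name -> Group Policy setting it backs (1 = redirection disabled)
$Settings = [ordered]@{
    fDisableClip = 'Do not allow Clipboard redirection'
    fDisableCdm  = 'Do not allow drive redirection'
}

function Get-RedirectionState {
    foreach ($name in $Settings.Keys) {
        # Missing key or value yields $null, which means the policy is not configured
        $value = (Get-ItemProperty -Path $PolicyKey -Name $name -ErrorAction SilentlyContinue).$name
        [pscustomobject]@{
            Policy  = $Settings[$name]
            Value   = $name
            Data    = if ($null -eq $value) { '(not set)' } else { $value }
            Blocked = ($value -eq 1)
        }
    }
}

if ($Enforce) {
    if (-not (Test-Path $PolicyKey)) { New-Item -Path $PolicyKey -Force | Out-Null }
    foreach ($name in $Settings.Keys) {
        New-ItemProperty -Path $PolicyKey -Name $name -Value 1 -PropertyType DWord -Force | Out-Null
    }
}

Get-RedirectionState | Format-Table -AutoSize
```

On domain-joined hosts the same two settings are normally delivered through a GPO, which will overwrite values written locally this way.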