- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Whitelist DLP ?
Hello,
We just proceed with DLP implementation.
We create DLP rules to examine and supress mail wich content .js, .bat ... inside archives .zip
However, how can we add exception for single sender identified by his email adress or his IP ?
Thanks for the answer.
Best regards
Fortigate 500D Firmware v5.2.4
Solved! Go to Solution.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
i don't get it exactly what you mean by white list but, you can config your policy with DLP+Web Filter Exempt.
like this,
create a new web filter profile, and enable URL filter, then add the address you want to download from, and choose Exempt as action. then on your Internet Policy or the same Policy that u enabled DLP, add this web filter profile. it worked for me, for web white list on DLP.
your single sender is inside your network or outside?
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hi, Really FortiOS don't have any way to configure a whitelist over DLP? I'm on the same scenario like you and I could'nt find any way to do it... maybe using CLI but i'm not an expert on it. Please, some clue about it! regards
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
i don't get it exactly what you mean by white list but, you can config your policy with DLP+Web Filter Exempt.
like this,
create a new web filter profile, and enable URL filter, then add the address you want to download from, and choose Exempt as action. then on your Internet Policy or the same Policy that u enabled DLP, add this web filter profile. it worked for me, for web white list on DLP.
your single sender is inside your network or outside?
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hi, My question it's about DLP exemptions on email filtering. I know how can I do it on the web filtering using the "exempt" action, but this same behaviour it's impossible on DLP applied to email filtering.
In my case, I solved my need deploying an IPv4 rule for the SMTP traffic that becomes from the public IP address that I want to make an exemption and I moved this rule to highest priority than the general rule for SMTP traffic.
This solution, in my case, isn't enough effective but that's the only way to achieve my objective. I hope that I'm explained clearly.