fortigate/vdom_root/dlp.cfg Wed Oct 15 08:27:19 PM EDT 2025
This commit is contained in:
parent
b406521feb
commit
a185892d76
149
configs/fortigate/vdom_root/dlp.cfg
Normal file
149
configs/fortigate/vdom_root/dlp.cfg
Normal file
@ -0,0 +1,149 @@
|
||||
config dlp filepattern
|
||||
edit 1
|
||||
set name "builtin-patterns"
|
||||
config entries
|
||||
edit "*.bat"
|
||||
next
|
||||
edit "*.com"
|
||||
next
|
||||
edit "*.dll"
|
||||
next
|
||||
edit "*.doc"
|
||||
next
|
||||
edit "*.exe"
|
||||
next
|
||||
edit "*.gz"
|
||||
next
|
||||
edit "*.hta"
|
||||
next
|
||||
edit "*.ppt"
|
||||
next
|
||||
edit "*.rar"
|
||||
next
|
||||
edit "*.scr"
|
||||
next
|
||||
edit "*.tar"
|
||||
next
|
||||
edit "*.tgz"
|
||||
next
|
||||
edit "*.vb?"
|
||||
next
|
||||
edit "*.wps"
|
||||
next
|
||||
edit "*.xl?"
|
||||
next
|
||||
edit "*.zip"
|
||||
next
|
||||
edit "*.pif"
|
||||
next
|
||||
edit "*.cpl"
|
||||
next
|
||||
end
|
||||
next
|
||||
edit 2
|
||||
set name "all_executables"
|
||||
config entries
|
||||
edit "bat"
|
||||
set filter-type type
|
||||
set file-type bat
|
||||
next
|
||||
edit "exe"
|
||||
set filter-type type
|
||||
set file-type exe
|
||||
next
|
||||
edit "elf"
|
||||
set filter-type type
|
||||
set file-type elf
|
||||
next
|
||||
edit "hta"
|
||||
set filter-type type
|
||||
set file-type hta
|
||||
next
|
||||
end
|
||||
next
|
||||
end
|
||||
config dlp sensitivity
|
||||
edit "Private"
|
||||
next
|
||||
edit "Critical"
|
||||
next
|
||||
edit "Warning"
|
||||
next
|
||||
end
|
||||
config dlp sensor
|
||||
edit "g-default"
|
||||
set comment "Default sensor."
|
||||
next
|
||||
edit "g-sniffer-profile"
|
||||
set comment "Log a summary of email and web traffic."
|
||||
set summary-proto smtp pop3 imap http-get http-post
|
||||
next
|
||||
edit "Content_Archive"
|
||||
set feature-set proxy
|
||||
set full-archive-proto smtp pop3 imap http-get http-post ftp nntp mapi
|
||||
set summary-proto smtp pop3 imap http-get http-post ftp nntp mapi
|
||||
next
|
||||
edit "Content_Summary"
|
||||
set feature-set proxy
|
||||
set summary-proto smtp pop3 imap http-get http-post ftp nntp mapi
|
||||
next
|
||||
edit "Credit-Card"
|
||||
set feature-set proxy
|
||||
config filter
|
||||
edit 1
|
||||
set name "Credit-Card-Filter"
|
||||
set severity high
|
||||
set proto smtp pop3 imap http-get http-post mapi
|
||||
set action log-only
|
||||
next
|
||||
edit 2
|
||||
set name "Credit-Card-Filter"
|
||||
set severity high
|
||||
set type message
|
||||
set proto smtp pop3 imap http-post mapi
|
||||
set action log-only
|
||||
next
|
||||
end
|
||||
next
|
||||
edit "Large-File"
|
||||
set feature-set proxy
|
||||
config filter
|
||||
edit 1
|
||||
set name "Large-File-Filter"
|
||||
set proto smtp pop3 imap http-get http-post mapi
|
||||
set filter-by file-size
|
||||
set file-size 5120
|
||||
set action log-only
|
||||
next
|
||||
end
|
||||
next
|
||||
edit "SSN-Sensor"
|
||||
set comment "Match SSN numbers but NOT WebEx invite emails."
|
||||
set feature-set proxy
|
||||
config filter
|
||||
edit 1
|
||||
set name "SSN-Sensor-Filter"
|
||||
set severity high
|
||||
set type message
|
||||
set proto smtp pop3 imap mapi
|
||||
set filter-by regexp
|
||||
set regexp "WebEx"
|
||||
next
|
||||
edit 2
|
||||
set name "SSN-Sensor-Filter"
|
||||
set severity high
|
||||
set type message
|
||||
set proto smtp pop3 imap mapi
|
||||
set filter-by ssn
|
||||
set action log-only
|
||||
next
|
||||
edit 3
|
||||
set name "SSN-Sensor-Filter"
|
||||
set severity high
|
||||
set proto smtp pop3 imap http-get http-post ftp mapi
|
||||
set filter-by ssn
|
||||
set action log-only
|
||||
next
|
||||
end
|
||||
next
|
||||
end
|
||||
Loading…
x
Reference in New Issue
Block a user