Data loss events continue to increase every year, resulting in fines, penalties and loss of revenue for companies worldwide. Many data loss events are caused by trusted employees who frequently send sensitive data into untrusted zones, either intentionally or by accident. Fortinet DLP uses sophisticated pattern matching techniques and user identity to detect and prevent unauthorized communication of sensitive information and files through the network perimeter. Fortinet DLP features include fingerprinting of document files and document file sources, multiple inspection modes (proxy and flow-based), enhanced pattern matching and data archiving.
Fortinet DLP can monitor numerous Internet, email and instant messaging protocols for sensitive data. It can also search content based on text strings, as well as enhanced pattern matching including wild cards and Perl regular expressions. For example, pattern matching can be used to scan network traffic for sensitive personal information such as social security and credit cards numbers. When it finds a match, it can block sensitive content, pass it on to the intended recipient or archive it with potential leak notifications generated. Fortinet DLP can be used to block sensitive information coming into the network or going out. For example, by blocking content often found in spam email messages, DLP can enhance your incoming data protection measures.
Fortinet DLP sensors provide a central location to you to configure and store desired DLP features, and can be used to specify parameters such as document file fingerprints, document file sources, inspection modes, enhanced pattern matching, and archiving preferences. DLP sensors can contain multiple DLP filters, and you can point each of these filters to a configured DLP feature, such as fingerprinting.
You can also enable content archiving to store a record all content, or selected content that passes through a FortiGate unit. DLP sensors can be created to archive sensitive content or content delivered using certain protocols, and you can archive content to a FortiGate or FortiAnalyzer appliance. Archiving DLP content is useful when auditing is required by law, or for simply keeping track of network usage. Full DLP content archiving also saves web pages, email messages, and files in their entirety.