Fortinet black logo

online help

Home FortiCASB 20.1.0 online help

Policy Configuration

20.1.0
24.1.b
24.1.a
23.4.a
23.3.a
23.2.b
23.2.a
23.1.0
22.4.0
21.4.0
21.2.0
21.1.0
20.4.1
20.4.0
20.3.0
20.2.0
20.1.0
4.2.0
4.1.0
2.1.0
Copy Link
Copy Doc ID d2c8e2ba-6afb-11ea-9384-00505692583a:482958

Policy Configuration

Policy setting allows you to configure each policy to fit the need of your usage. Follow the steps below to configure policies.

  1. Select a cloud application from FortiCASB main dashboard.
  2. Click the Policy drop down menu, and select any type of Policy (Data Analysis, Threat Protection or Compliance)
  3. Click on the toggle switch under Status column to turn the Policy On or Off.

    4. Only the policy that is turned On can trigger alerts or record data in reports.
  4. Click on the right arrow sign > next to the policy to configure.
  5. Configure the settings in General and Context tab as described below in Policy Setting Tables. Every policy has different setting parameters. Follow the setting parameters table below to configure each policy.
  6. Click Save to complete the configuration.

The policy you set should be active after a few minutes.

For Compliance report, only polices with in Alert column will generate alerts. All other Compliance polices will generate data in Compliance reports.

General Configuration

These are the common parameters in General setting tab in Policy Configuration. Every policy has different setting parameters. Not all parameters are available in any given policy setting.

Parameter Name

Configurable

Description

Name

No

 The name of the policy.
Status

Yes

 Specify whether or not the policy is enabled to trigger alert. A policy is active when it is set to true.
Policy Description

No

 The description of the policy
Severity Level

Yes

 The severity level for the policy, you can set the severity level as Critical, Alert, Warning, or Information.
Policy Type

No

 The specific type of policy within the policy group. For example, PCI is a type of Compliance policy.

Context Configuration

These are the common parameters in Context tab in Policy Configuration. Every policy has different setting parameters. Not all parameters are available in any given policy setting.

Parameter Name

Type of Policy

 Description
Matching Threshold

Data Analysis

 Specify the minimum threshold for an alert. For example, a Credit Card Number policy with threshold set to two will trigger an alert when two or more credit card numbers are in a file.
Data Pattern

Data Analysis, Compliance Policy

Specify the DLP or customized data pattern to be associated with the policy to protect the type of sensitive data. FortiCASB will search for the selected DLP data pattern during Discovery scans.
File Path Regex

Compliance Policy

 Specify the targeted regular expression pattern of the cloud storage files which FortiCASB will run DLP scan on.

Notification Configuration

These are the common parameters in Notification tab of Policy Configuration. Not all policy has notification function.

Notification Setting Parameters Description
Enable Email Notification Check the box to allow FortiCASB to send an email whenever an alert is triggered.
Email Receiver Either select a user to receive notifications, or enter in an email address.
For examples on configuring FortiCASB policies, please see Policy Configuration Examples.

Previous
Next

Policy Configuration

Policy setting allows you to configure each policy to fit the need of your usage. Follow the steps below to configure policies.

  1. Select a cloud application from FortiCASB main dashboard.
  2. Click the Policy drop down menu, and select any type of Policy (Data Analysis, Threat Protection or Compliance)
  3. Click on the toggle switch under Status column to turn the Policy On or Off.

    4. Only the policy that is turned On can trigger alerts or record data in reports.
  4. Click on the right arrow sign > next to the policy to configure.
  5. Configure the settings in General and Context tab as described below in Policy Setting Tables. Every policy has different setting parameters. Follow the setting parameters table below to configure each policy.
  6. Click Save to complete the configuration.

The policy you set should be active after a few minutes.

For Compliance report, only polices with in Alert column will generate alerts. All other Compliance polices will generate data in Compliance reports.

General Configuration

These are the common parameters in General setting tab in Policy Configuration. Every policy has different setting parameters. Not all parameters are available in any given policy setting.

Parameter Name

Configurable

Description

Name

No

 The name of the policy.
Status

Yes

 Specify whether or not the policy is enabled to trigger alert. A policy is active when it is set to true.
Policy Description

No

 The description of the policy
Severity Level

Yes

 The severity level for the policy, you can set the severity level as Critical, Alert, Warning, or Information.
Policy Type

No

 The specific type of policy within the policy group. For example, PCI is a type of Compliance policy.

Context Configuration

These are the common parameters in Context tab in Policy Configuration. Every policy has different setting parameters. Not all parameters are available in any given policy setting.

Parameter Name

Type of Policy

 Description
Matching Threshold

Data Analysis

 Specify the minimum threshold for an alert. For example, a Credit Card Number policy with threshold set to two will trigger an alert when two or more credit card numbers are in a file.
Data Pattern

Data Analysis, Compliance Policy

Specify the DLP or customized data pattern to be associated with the policy to protect the type of sensitive data. FortiCASB will search for the selected DLP data pattern during Discovery scans.
File Path Regex

Compliance Policy

 Specify the targeted regular expression pattern of the cloud storage files which FortiCASB will run DLP scan on.

Notification Configuration

These are the common parameters in Notification tab of Policy Configuration. Not all policy has notification function.

Notification Setting Parameters Description
Enable Email Notification Check the box to allow FortiCASB to send an email whenever an alert is triggered.
Email Receiver Either select a user to receive notifications, or enter in an email address.
For examples on configuring FortiCASB policies, please see Policy Configuration Examples.

Previous
Next