Policy Configuration
Policy setting allows you to configure each policy to fit the need of your usage. Follow the steps below to configure policies.
- Select a cloud application from FortiCASB main dashboard.
- Click the Policy drop down menu, and select any type of Policy (Data Analysis, Threat Protection or Compliance)
- Click on the toggle switch under Status column to turn the Policy On or Off.
- Click on the right arrow sign > next to the policy to configure.
- Configure the settings in General and Context tab as described below in Policy Setting Tables. Every policy has different setting parameters. Follow the setting parameters table below to configure each policy.
- Click Save to complete the configuration.
Only the policy that is turned On can trigger alerts or record data in reports. |
The policy you set should be active after a few minutes.
For Compliance report, only polices with in Alert column will generate alerts. All other Compliance polices will generate data in Compliance reports. |
General Configuration
These are the common parameters in General setting tab in Policy Configuration. Every policy has different setting parameters. Not all parameters are available in any given policy setting.
Parameter Name |
Configurable |
Description |
---|---|---|
Name |
No |
The name of the policy. |
Status |
Yes |
Specify whether or not the policy is enabled to trigger alert. A policy is active when it is set to true. |
Policy Description |
No |
The description of the policy |
Severity Level |
Yes |
The severity level for the policy, you can set the severity level as Critical, Alert, Warning, or Information. |
Policy Type |
No |
The specific type of policy within the policy group. For example, PCI is a type of Compliance policy. |
Context Configuration
These are the common parameters in Context tab in Policy Configuration. Every policy has different setting parameters. Not all parameters are available in any given policy setting.
Parameter Name |
Type of Policy |
Description |
---|---|---|
Matching Threshold |
Data Analysis |
Specify the minimum threshold for an alert. For example, a Credit Card Number policy with threshold set to two will trigger an alert when two or more credit card numbers are detected. |
Data Pattern |
Data Analysis, Compliance Policy |
Specify the DLP or customized data pattern to be associated with the policy to protect the type of sensitive data. FortiCASB will search for the selected DLP data pattern during Discovery scans. |
File Path Regex |
Compliance Policy |
Specify the targeted regular expression pattern of the cloud storage files which FortiCASB will run DLP scan on. |
Notification Configuration
These are the common parameters in Notification tab of Policy Configuration. Not all policy has notification function.
Notification Setting Parameters | Description |
---|---|
Enable Email Notification | Check the box to allow FortiCASB to send an email whenever an alert is triggered. |
Email Receiver | Either select a user to receive notifications, or enter in an email address. |
For more details on FortiCASB policy configurations, please see Data Analysis Policy Configuration, Threat Protection Policy Configuration, and Compliance Policy Configuration. |