Fortinet black logo

Online Help

Home FortiCASB 21.2.0 Online Help
21.2.0
24.1.b
24.1.a
23.4.a
23.3.a
23.2.b
23.2.a
23.1.0
22.4.0
21.4.0
21.2.0
21.1.0
20.4.1
20.4.0
20.3.0
20.2.0
20.1.0
4.2.0
4.1.0
2.1.0

Customized Policy

Customized Policy

FortiCASB allows you to create personalized policies to suit your organization needs.

To add a customized policy, select a cloud application, and go to Threat Protection > Customized, scroll to the bottom of the page and click + Add New.

Customized policies focus on two aspects, Content Monitoring and Activity Monitoring.

Content monitoring is monitor files for sensitive data while activity monitoring monitors user activities.

The following examples illustrate how to create common customized policies:

Example 1: Monitor all downloads of a public link containing sensitive data

Example 2: Monitor all activities of a user or a group of users

Example 1: Monitor all downloads of a public link containing sensitive data

This example generates an alert when any Salesforce file sharing link that contains a social security number is downloaded.

  1. Enter a Policy Name and Description for the policy, e.g. "Salesforce Link Monitoring".

  2. Click on Activity drop down menu, and select the Download File option.

  3. Scroll to the bottom, click On at Content Matching to reveal Data Patterns selection.

  4. Click on Data Patterns drop down menu, and select DLP SSN.

  5. Click on Share Level drop down menu, and select Link.

  6. Click Add Customized Policy to finish adding the policy.

Example 2: Monitor all activities of a user or a group of users

This policy generates an alert whenever a specific user or a group of users perform any action.

  1. Enter a Policy Name and Description for the policy, e.g. "Users Monitoring".

  2. Click on User field, select the users to be monitored or select all users.

  3. Click Add Customized Policy to finish adding the policy.

Previous
Next

Customized Policy

FortiCASB allows you to create personalized policies to suit your organization needs.

To add a customized policy, select a cloud application, and go to Threat Protection > Customized, scroll to the bottom of the page and click + Add New.

Customized policies focus on two aspects, Content Monitoring and Activity Monitoring.

Content monitoring is monitor files for sensitive data while activity monitoring monitors user activities.

The following examples illustrate how to create common customized policies:

Example 1: Monitor all downloads of a public link containing sensitive data

Example 2: Monitor all activities of a user or a group of users

Example 1: Monitor all downloads of a public link containing sensitive data

This example generates an alert when any Salesforce file sharing link that contains a social security number is downloaded.

  1. Enter a Policy Name and Description for the policy, e.g. "Salesforce Link Monitoring".

  2. Click on Activity drop down menu, and select the Download File option.

  3. Scroll to the bottom, click On at Content Matching to reveal Data Patterns selection.

  4. Click on Data Patterns drop down menu, and select DLP SSN.

  5. Click on Share Level drop down menu, and select Link.

  6. Click Add Customized Policy to finish adding the policy.

Example 2: Monitor all activities of a user or a group of users

This policy generates an alert whenever a specific user or a group of users perform any action.

  1. Enter a Policy Name and Description for the policy, e.g. "Users Monitoring".

  2. Click on User field, select the users to be monitored or select all users.

  3. Click Add Customized Policy to finish adding the policy.

Previous
Next