Fortinet black logo

Online Help

Home FortiCASB 23.3.a Online Help
23.3.a
24.1.b
24.1.a
23.4.a
23.3.a
23.2.b
23.2.a
23.1.0
22.4.0
21.4.0
21.2.0
21.1.0
20.4.1
20.4.0
20.3.0
20.2.0
20.1.0
4.2.0
4.1.0
2.1.0

Data Security Policy Alert Notification

Data Security Policy Alert Notification

When the a data security policy is enabled, an alert will be triggered by specific user activity done on the targeted files with certain DLP patterns.

The alert also can be sent as notification to notify the relevant personnel to take immediate actions.

Types of Alert Notification

There are two types of alert notifications that can be generated to address the alert incident.

  1. Email Notification Alerts can be sent to either the FortiCASB Users or the affected File Owners
  2. FortiAnalyzer Alerts in the form of Syslog messages can be sent to FortiAnalyzer.

    3. In order to send alerts to FortiAnalyzer, a FortiAnalyer needs to be added first in Overview > Fabric Integration.

    See Fabric Integration Configuration for more details

Email Notification or FortiAnalyzer alerts needs to be enabled in the Data Security Policy to send notifications.

Steps to Configure Email Notification in Data Security Policy

  1. Go to Data Protection > Policies > Scan Policies from the main menu.
  2. Click +Add New to create a new Data Security Policy.
  3. After Data Security Policy Name and Match Criteria are filled, go to Action section.
  4. In Send Email Notification, click On to enable email notifications.

  5. Enter the recipient’s e-mail address in the field below.
  6. In Notify File Owners, click On to enable file owner notification.

  7. Edit the alert notification field below. The following parameters will be send as part of the notification to the file owner.
    1. Activity Name - the type of activity conducted on the file.
    2. File Name - The file that contains the targeted DLP pattern.
    3. DLP Pattern Name - the DLP pattern that triggers the alert.
  8. Click Add New Data Security Policy to finish.

Example of File Owner Notification Alert

Steps to Configure FortiAnalyzer Notification

  1. Go to Data Protection > Policies > Scan Policies from the main menu.
  2. Click +Add New to create a new Data Security Policies.
  3. After Data Security Policy Name and Match Criteria are filled, go to Action section.
  4. In Send Alerts to FortiAnalyer, click On to enable alerts to be sent to FortiAnalyzer.

  5. Click Add New Data Security Policy to finish.

Previous
Next

Data Security Policy Alert Notification

When the a data security policy is enabled, an alert will be triggered by specific user activity done on the targeted files with certain DLP patterns.

The alert also can be sent as notification to notify the relevant personnel to take immediate actions.

Types of Alert Notification

There are two types of alert notifications that can be generated to address the alert incident.

  1. Email Notification Alerts can be sent to either the FortiCASB Users or the affected File Owners
  2. FortiAnalyzer Alerts in the form of Syslog messages can be sent to FortiAnalyzer.

    3. In order to send alerts to FortiAnalyzer, a FortiAnalyer needs to be added first in Overview > Fabric Integration.

    See Fabric Integration Configuration for more details

Email Notification or FortiAnalyzer alerts needs to be enabled in the Data Security Policy to send notifications.

Steps to Configure Email Notification in Data Security Policy

  1. Go to Data Protection > Policies > Scan Policies from the main menu.
  2. Click +Add New to create a new Data Security Policy.
  3. After Data Security Policy Name and Match Criteria are filled, go to Action section.
  4. In Send Email Notification, click On to enable email notifications.

  5. Enter the recipient’s e-mail address in the field below.
  6. In Notify File Owners, click On to enable file owner notification.

  7. Edit the alert notification field below. The following parameters will be send as part of the notification to the file owner.
    1. Activity Name - the type of activity conducted on the file.
    2. File Name - The file that contains the targeted DLP pattern.
    3. DLP Pattern Name - the DLP pattern that triggers the alert.
  8. Click Add New Data Security Policy to finish.

Example of File Owner Notification Alert

Steps to Configure FortiAnalyzer Notification

  1. Go to Data Protection > Policies > Scan Policies from the main menu.
  2. Click +Add New to create a new Data Security Policies.
  3. After Data Security Policy Name and Match Criteria are filled, go to Action section.
  4. In Send Alerts to FortiAnalyer, click On to enable alerts to be sent to FortiAnalyzer.

  5. Click Add New Data Security Policy to finish.

Previous
Next