Fortinet black logo

Online Help

Home FortiCASB 24.1.b Online Help

Policy Configuration

24.1.b
24.1.b
24.1.a
23.4.a
23.3.a
23.2.b
23.2.a
23.1.0
22.4.0
21.4.0
21.2.0
21.1.0
20.4.1
20.4.0
20.3.0
20.2.0
20.1.0
4.2.0
4.1.0
2.1.0
Copy Link
Copy Doc ID df548089-ec91-11ee-8c42-fa163e15d75b:482958

Policy Configuration

One important note on policy configuration is that only the policy that is turned On can trigger alerts or generate reports.

Enable Policy

Policy setting allows you to configure each policy depending on the requirement of your organization. Follow the steps below to configure policies.

  1. Select a cloud application from FortiCASB main dashboard.
  2. Click on the Policy drop down menu, and select any type of Policy (Data Analysis, Threat Protection or Compliance)

  3. Click on any policy drop down menu. For example, "Sensitive Event".

  4. Enable the policy by setting it to On.
  5. Click Save Changes to complete the configuration.

The policy you set should be active after a few minutes.

Note: For Compliance Policies, only polices with in Alert column will generate alerts. All other Compliance polices will still generate data in Compliance reports.

General Configuration

These are the common parameters in Policy Configuration. Every policy has different setting parameters. Not all parameters are available in any given policy setting.

Parameter Name

Description
Enabled Specify whether or not the policy is enabled to trigger alert. A policy is active when it is set to On.
Severity Level The severity level for the policy, you can set the severity level as Critical, Alert, Warning, or Information.
Matching Threshold

Specify the minimum threshold for an alert to be triggered.

For example, DLP Visa Card Policy with a matching threshold of 2 will trigger an alert when 2 or more credit card numbers are detected.

Interval (minute)

The minimum threshold between each time the policy is triggered by the user activity for an alert to be triggered.

For example, Sensitive Event with an interval of 5 minutes will trigger an alert when a sensitive event occurs every 5 minutes.
Data Pattern Specify the DLP or customized data pattern to be associated with the policy to protect the type of sensitive data. FortiCASB will search for the selected DLP data pattern during Discovery scans.
File Path Regex Specify the targeted regular expression pattern of the cloud storage files which FortiCASB will run DLP scan on.

Email Notification (Notify FortiCASB Users)

When the email notification is turned on, FortiCASB users can be added to be notified when an alert is triggered by the policy.

Email Notification (Notify File Owners)

This feature is only available in customized Threat Protection policies. When the policy is turned on, the file owner will be notified on the file exposure with editable notification.

For more details on policy configurations, please see

Threat Protection Policy Configuration

Compliance Policy Configuration

Customized Policy Configurations

Previous
Next

Policy Configuration

One important note on policy configuration is that only the policy that is turned On can trigger alerts or generate reports.

Enable Policy

Policy setting allows you to configure each policy depending on the requirement of your organization. Follow the steps below to configure policies.

  1. Select a cloud application from FortiCASB main dashboard.
  2. Click on the Policy drop down menu, and select any type of Policy (Data Analysis, Threat Protection or Compliance)

  3. Click on any policy drop down menu. For example, "Sensitive Event".

  4. Enable the policy by setting it to On.
  5. Click Save Changes to complete the configuration.

The policy you set should be active after a few minutes.

Note: For Compliance Policies, only polices with in Alert column will generate alerts. All other Compliance polices will still generate data in Compliance reports.

General Configuration

These are the common parameters in Policy Configuration. Every policy has different setting parameters. Not all parameters are available in any given policy setting.

Parameter Name

Description
Enabled Specify whether or not the policy is enabled to trigger alert. A policy is active when it is set to On.
Severity Level The severity level for the policy, you can set the severity level as Critical, Alert, Warning, or Information.
Matching Threshold

Specify the minimum threshold for an alert to be triggered.

For example, DLP Visa Card Policy with a matching threshold of 2 will trigger an alert when 2 or more credit card numbers are detected.

Interval (minute)

The minimum threshold between each time the policy is triggered by the user activity for an alert to be triggered.

For example, Sensitive Event with an interval of 5 minutes will trigger an alert when a sensitive event occurs every 5 minutes.
Data Pattern Specify the DLP or customized data pattern to be associated with the policy to protect the type of sensitive data. FortiCASB will search for the selected DLP data pattern during Discovery scans.
File Path Regex Specify the targeted regular expression pattern of the cloud storage files which FortiCASB will run DLP scan on.

Email Notification (Notify FortiCASB Users)

When the email notification is turned on, FortiCASB users can be added to be notified when an alert is triggered by the policy.

Email Notification (Notify File Owners)

This feature is only available in customized Threat Protection policies. When the policy is turned on, the file owner will be notified on the file exposure with editable notification.

For more details on policy configurations, please see

Threat Protection Policy Configuration

Compliance Policy Configuration

Customized Policy Configurations

Previous
Next