Fortinet black logo

Online Help

Home FortiCASB 24.1.b Online Help
24.1.b
24.1.b
24.1.a
23.4.a
23.3.a
23.2.b
23.2.a
23.1.0
22.4.0
21.4.0
21.2.0
21.1.0
20.4.1
20.4.0
20.3.0
20.2.0
20.1.0
4.2.0
4.1.0
2.1.0

Restricted User

Restricted User

Description

Restricted User policy monitors for cloud account activities conducted by targeted users. An alert will be sent whenever targeted user(s) performs certain activities.

Policy Configuration

Follow the steps below to enable and configure the policy

  1. Click on any Cloud Account drop down menu from FortiCASB dashboard, e.g. Salesforce, Office365, etc.
  2. Click on Policy drop down menu and select Threat Protection.
  3. Locate Restricted User and click on the right arrow key > button to expand the policy.
  4. Click On in Enabled to enable the policy.

  5. Click on Severity level drop down menu to select the severity level (Critical, Alert, Warning, Information).
  6. In Event section, click to select Specific events then click the drop down field under it to select specific event(s). To select all events instead, click on Select all events.
  7. In Suspicious User section, click to select Specify users and click the Select User drop down field to select user(s). To select all users instead, click Select all users.
  8. Click Save Changes to update the configuration.

After the policy is enabled and configured, whenever the targeted users perform certain activities, an alert will be triggered in the alert page. For more details, please refer to Alert.

Previous
Next

Restricted User

Description

Restricted User policy monitors for cloud account activities conducted by targeted users. An alert will be sent whenever targeted user(s) performs certain activities.

Policy Configuration

Follow the steps below to enable and configure the policy

  1. Click on any Cloud Account drop down menu from FortiCASB dashboard, e.g. Salesforce, Office365, etc.
  2. Click on Policy drop down menu and select Threat Protection.
  3. Locate Restricted User and click on the right arrow key > button to expand the policy.
  4. Click On in Enabled to enable the policy.

  5. Click on Severity level drop down menu to select the severity level (Critical, Alert, Warning, Information).
  6. In Event section, click to select Specific events then click the drop down field under it to select specific event(s). To select all events instead, click on Select all events.
  7. In Suspicious User section, click to select Specify users and click the Select User drop down field to select user(s). To select all users instead, click Select all users.
  8. Click Save Changes to update the configuration.

After the policy is enabled and configured, whenever the targeted users perform certain activities, an alert will be triggered in the alert page. For more details, please refer to Alert.

Previous
Next