Email monitoring
The FortiDLP Agent can monitor users' Microsoft Outlook email activity for data loss prevention and insider risk visibility. For the list of compatible OSs and email application versions, see FortiDLP Agent optional requirements.
Depending on which version of Outlook is in use, the FortiDLP Email Add-in or the FortiDLP Email Plugin (Legacy) allows the Agent to track users' email activity and report it to the policy engine, preventing sensitive information from being transferred out of your organization and security compromises. The FortiDLP Email Add-in monitors outbound emails, and the FortiDLP Email Plugin (Legacy) monitors inbound and outbound emails.
|
Email monitoring is supported in organizations where both New Outlook and Classic Outlook clients are in use, with the FortiDLP Email Add-in and FortiDLP Email Plugin (Legacy) deployed to the same account. However, the add-in and plugin will only function in compatible applications, as described in FortiDLP Agent optional requirements. In a scenario where both the FortiDLP Email Add-in and FortiDLP Email Plugin (Legacy) are deployed to the same account, a nonfunctional FortiDLP Email Add-in will be displayed in Classic Outlook. |
FortiDLP Email Add-in
Requirements: FortiDLP Agent 10.1.3+.
The FortiDLP Email Add-in's deployment process varies by the OSs and browsers you want to monitor, and whether you will deploy it manually or using a fleet management tool. However, at a high level, this entails:
- Authorizing communication between the FortiDLP Email Add-in and the Agent's local (proxy) web server, if applicable (see Allowing communication between the FortiDLP Agent and FortiDLP Cloud).
- Configuring a trusted certificate for the Agent's local web server and installing it on devices.
- Deploying the FortiDLP Email Add-in.
- Enabling email monitoring.
For instructions on manually deploying the FortiDLP Email Add-in, see:
For instructions on bulk deploying the FortiDLP Email Add-in, see:
- Bulk deploying the FortiDLP Email Add-in to Windows
- Bulk deploying the FortiDLP Email Add-in to macOS.
|
|
The FortiDLP Email Add-in is not supported when Microsoft Outlook is in offline mode and only monitors the accounts it has been deployed to. |
FortiDLP Email Plugin (Legacy)
For FortiDLP Cloud tenants, the FortiDLP Email Plugin (Legacy) is installed out of the box on Windows via FortiDLP's "base configuration" Agent configuration group. Email monitoring can be enabled using Agent configuration groups. For instructions, refer to the FortiDLP Administration Guide.
Email policy templates
FortiDLP's email policy templates can optionally be configured to:
- inspect emails for keywords/keyphrases, patterns, and Microsoft sensitivity labels and block sending of sensitive data
- specify approved and unapproved email domains for sending emails
- block outbound emails to suspicious email domains
- block sending of large attachments,
- and more.
|
|
The FortiDLP Email Add-in requires FortiDLP Agent 10.4.0+ for header inspection and FortiDLP Agent 10.1.3+ for attachment inspection. |
For more information about email policy templates, refer to the FortiDLP Policies Reference Guide.
For information about using sensitivity labels in FortiDLP, refer to the FortiDLP Administration Guide.