Labels

Labels

Labels allow you to associate users and managed nodes with policy groups, Agent configuration groups, and the Agent offline detection rule.

FortiDLP provides the following label types:

A custom label is one that an operator creates and assigns to users and managed nodes. You can remove, modify, and delete custom labels.
An automatic label is one that the FortiDLP Infrastructure creates and assigns to managed nodes using information from the FortiDLP Agent. Each managed node has two automatic labels, which classify them by their operating system and Agent software version. You cannot remove or delete automatic labels, but you can modify some of their properties.
A directory label is one that the FortiDLP Infrastructure creates and assigns to users after syncing with an Entra ID or LDAP directory. Directory labels map to the directory's user attributes. For details about generating Entra ID directory labels, see Entra ID users. For details about generating LDAP directory labels, refer to the FortiDLPLDAP Sync Tool Administration Guide. Once created, you can manage directory labels centrally, as described in Unassigning labels and Deleting labels.

You are advised to read Policies, Agent configuration groups, and Agent offline warning in their entirety to determine the labels you require for your organization. If you decide to use custom labels, see the following sections:

Labels

Labels allow you to associate users and managed nodes with policy groups, Agent configuration groups, and the Agent offline detection rule.

FortiDLP provides the following label types:

A custom label is one that an operator creates and assigns to users and managed nodes. You can remove, modify, and delete custom labels.
An automatic label is one that the FortiDLP Infrastructure creates and assigns to managed nodes using information from the FortiDLP Agent. Each managed node has two automatic labels, which classify them by their operating system and Agent software version. You cannot remove or delete automatic labels, but you can modify some of their properties.
A directory label is one that the FortiDLP Infrastructure creates and assigns to users after syncing with an Entra ID or LDAP directory. Directory labels map to the directory's user attributes. For details about generating Entra ID directory labels, see Entra ID users. For details about generating LDAP directory labels, refer to the FortiDLPLDAP Sync Tool Administration Guide. Once created, you can manage directory labels centrally, as described in Unassigning labels and Deleting labels.

Secure Networking

Hybrid Mesh Firewall

NOC Management

LAN

WAN

Unified SASE

Single Vendor SASE

Cloud Network Security

Secure Endpoint Connectivity

Web Application / API Protection

Security Operations

Security Operations Automation

Identity

Early Detection & Prevention

Secure Networking

Hybrid Mesh Firewall

NOC Management

LAN

WAN

Communication & Surveillance

Unified SASE

Single Vendor SASE

Secure Endpoint Connectivity

Cloud Network Security

Cloud-Native Security

Web Application / API Protection

Security Operations

Security Operations Automation

Endpoint

Data Protection

Identity

Email

Early Detection & Prevention

Expert Services

Edge Firewall

Orchestration & management

SD Branch

Application Delivery

Single Vendor SASE

Secure Endpoint Connectivity

Secure Private Access

Thin Edge

Identity

Application Gateway

Enterprise Asset Management

Endpoint Agent

Agentless Security Posture

Identity

Wireless

Switching

Identity

Privilege Acccess Management

Next Generation Firewall

Orchestration & management

Expert Services

All

All

Account Management

SAAS Management

SAAS Application Security

Managed Services

Platform as a service (PAAS)

Other SAAS Services

4D Pillars

Cloud

Popular Solutions

FortiDLP Administration Guide

Labels

Labels

Labels