DLP fingerprinting
DLP fingerprinting can be used to detect sensitive data. The file that the DLP sensor will filter for is uploaded, and the FortiGate generates and stores a checksum fingerprint for it. The FortiGate unit then generates a fingerprint for each file that it detects in network traffic and compares it with all of the checksums stored in its database. If a match is found, the configured action is taken.
Any type of file can be detected by DLP fingerprinting, and fingerprints can be saved for each revision of a file as it is updated.
To use fingerprinting:
- Select the files to be fingerprinted by targeting a document source.
- Add fingerprinting filters to DLP sensors.
- Add the sensors to firewall policies that accept the traffic to which fingerprinting will be applied.
The document fingerprint feature requires a FortiGate device that has internal storage.
To configure a DLP fingerprint document:
```
config dlp fp-doc-source
    edit <name_str>
        set server-type smb
        set server <string>
        set period {none | daily | weekly | monthly}
        set vdom {mgmt | current}
        set scan-subdirectories {enable | disable}
        set remove-deleted {enable | disable}
        set keep-modified {enable | disable}
        set username <string>
        set password <password>
        set file-path <string>
        set file-pattern <string>
        set sensitivity <Critical | Private | Warning>
        set tod-hour <integer>
        set tod-min <integer>
        set weekday {sunday | monday | tuesday | wednesday | thursday | friday | saturday}
        set date <integer>
    next
end
```
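The following Python model is an added example, not Fortinet code. It shows how checksum matching against a document source behaves across file revisions, and what that means for detection coverage. SHA-256, the `FingerprintDB` class, the sample paths, and the reading of `keep-modified` (retain checksums of earlier revisions) and `remove-deleted` (drop checksums of files no longer on the share) are assumptions made for illustration.

```python
import hashlib

def checksum(data: bytes) -> str:
    # SHA-256 is an assumption; the page does not name the checksum algorithm.
    return hashlib.sha256(data).hexdigest()

class FingerprintDB:
    """Toy model of a fingerprint database fed by a document source."""

    def __init__(self, keep_modified=True, remove_deleted=True):
        self.keep_modified = keep_modified
        self.remove_deleted = remove_deleted
        self.by_path = {}  # path -> list of (checksum, sensitivity), oldest first

    def scan(self, share: dict, sensitivity: str):
        """One scheduled scan of the source; share maps path -> file bytes."""
        for path, data in share.items():
            entry = (checksum(data), sensitivity)
            revisions = self.by_path.setdefault(path, [])
            if entry in revisions:
                continue  # unchanged since the last scan
            if not self.keep_modified:
                revisions.clear()  # only the current revision stays fingerprinted
            revisions.append(entry)
        if self.remove_deleted:
            for path in [p for p in self.by_path if p not in share]:
                del self.by_path[path]

    def match(self, data: bytes):
        """Return (path, sensitivity) if a file seen in traffic is fingerprinted."""
        digest = checksum(data)
        for path, revisions in self.by_path.items():
            for stored, sensitivity in revisions:
                if stored == digest:
                    return path, sensitivity
        return None

def demo(keep_modified: bool):
    # Constructed sample documents, not real data.
    v1 = b"Q3 forecast: draft figures"
    v2 = b"Q3 forecast: final figures"
    db = FingerprintDB(keep_modified=keep_modified)
    db.scan({"finance/forecast.txt": v1}, "Critical")
    db.scan({"finance/forecast.txt": v2}, "Critical")  # file updated on the share
    return db.match(v1), db.match(v2), db.match(b"unrelated upload")
```

In this model, a copy of the earlier revision is matched only when earlier checksums are retained, so the revision-handling settings decide whether older copies of a document are still detected.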