DLP filter not blocking
Fortigate 50E v 6.0.2
I'm trying to block executable files being uploaded to to an ftp server using DLP but having some issues. I've set the inspection mode to proxy and used the DLP configuration below.
The problem is the file transfers are not blocked but the Fortigate logs indicate they have been blocked.
Date/Time Source Service Action File Name Filter Index DLP Extra Filter Type Filter Category De
2 minutes ago x.x.x.x FTP block putty.exe 1 ExeBlock5 file-type file host:x.x.x.x
set proto smtp pop3 imap http-get http-post ftp
set filter-by file-type
set file-type 5
set action block
set name "ExeBlock5"
set filter-type type
set file-type exe
Any ideas what I'm missing?