If you are using a DLP solution to add file
properties to documents in order to mark those documents as confidential,
you can use the new built-in file property settings to configure
the firewall to block those confidential documents from leaving
Take the following steps to use the new settings
to enable data filtering based on file properties (previous release
versions required you to create regular expression data patterns
to enable the same functionality).
Define a new data pattern object
to detect file properties.
a new rule to the data
pattern object, and give that rule a descriptive Name.
on the file type you choose, also select the
you want to scan for a specific value.
Enter the specific
you want the firewall to detect.
to save the data pattern.
data pattern object to a data filtering profile.
modify a data filtering profile.
a new profile rule and
select the Data Pattern you created in step 1.
, and what
traffic (upload or download) you want to filter based on the data
The file type you select must be
the same file type you defined for the data pattern in step 1, or it must be a file type that includes
the data pattern file type. For example, you could define both the
data pattern object and the data filtering profile to scan all Microsoft
Office documents. Or, you could define the data pattern object to
match to only Microsoft PowerPoint Presentations, while the data
filtering profile scans all Microsoft Office documents.
a data pattern object is attached to a data filtering profile and
the configured file types do not align between the two, the profile
will not correctly filter documents matched to the data pattern
specify the number of times the data pattern must be detected in
a file to trigger an alert.
block files that contain at least this many instances of the data
for files that match this rule.
to save the data filtering
Apply the data filtering settings to traffic.
modify a security policy rule.
and set the
Profile Type to
Attach the Data Filtering profile you created in step 2 to the security policy rule.
) Prevent web browsers from resuming
sessions that the firewall has terminated.
This option ensures that when the
firewall detects and then drops a sensitive file, a web browser
cannot resume the session in an attempt to retrieve the file.
edit Content-ID Settings.
Allow HTTP header range option
Monitor files that the firewall is filtering.
to view the files that the firewall
has detected and blocked based on your data filtering settings.
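
Before entering a property name and value in the data pattern (step 1), it helps to confirm what the DLP solution actually wrote into a document. The following is an added example, not taken from the original page or from the firewall's own tooling: a Python check that reads custom file properties from zip-based Office documents (.docx, .pptx, .xlsx). The property name "Classification", the value "Confidential" and the helper names are assumptions for illustration, and the sample document is constructed.

```python
import io
import xml.etree.ElementTree as ET
import zipfile

PART = "docProps/custom.xml"   # OOXML part that stores custom file properties
NS = {"cp": "http://schemas.openxmlformats.org/officeDocument/2006/custom-properties"}
MAX_PART_BYTES = 1_000_000     # refuse parts that declare an implausible size

# Constructed sample; "Classification"/"Confidential" are hypothetical DLP tag values.
SAMPLE_CUSTOM_XML = (
    '<?xml version="1.0" encoding="UTF-8" standalone="yes"?>'
    '<Properties xmlns="http://schemas.openxmlformats.org/officeDocument/2006/custom-properties"'
    ' xmlns:vt="http://schemas.openxmlformats.org/officeDocument/2006/docPropsVTypes">'
    '<property fmtid="{D5CDD505-2E9C-101B-9397-08002B2CF9AE}" pid="2" name="Classification">'
    '<vt:lpwstr>Confidential</vt:lpwstr></property></Properties>'
)

def read_custom_properties(data: bytes) -> dict:
    """Return {name: value} for the custom file properties of an OOXML document."""
    try:
        with zipfile.ZipFile(io.BytesIO(data)) as zf:
            if PART not in zf.namelist():
                return {}  # no custom-properties part: the document was never tagged
            if zf.getinfo(PART).file_size > MAX_PART_BYTES:
                raise ValueError("custom properties part is unexpectedly large")
            # For untrusted files, parse with a hardened parser such as defusedxml.
            root = ET.fromstring(zf.read(PART))
    except zipfile.BadZipFile:
        raise ValueError("not a zip-based (OOXML) Office document") from None
    props = {}
    for prop in root.findall("cp:property", NS):
        # Each <property> holds one typed child (vt:lpwstr, vt:bool, ...).
        props[prop.get("name")] = (prop[0].text or "") if len(prop) else ""
    return props

def is_tagged(data: bytes, name: str, value: str) -> bool:
    """True if the document carries exactly this property name and value."""
    return read_custom_properties(data).get(name) == value

def build_sample(tagged: bool) -> bytes:
    """Constructed stand-in for a document: only the parts this check reads."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("[Content_Types].xml", "<Types/>")
        if tagged:
            zf.writestr(PART, SAMPLE_CUSTOM_XML)
    return buf.getvalue()
```

Running read_custom_properties over a handful of real tagged and untagged documents shows the exact name and value strings to use in the data pattern, and flags documents the DLP solution missed.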