Objects > Security Profiles > Data Filtering
Data filtering enables the firewall to detect sensitive information—such as credit card or social security numbers or internal corporate documents—and prevent this data from leaving a secure network. Before you enable data filtering, select Objects > Custom Objects > Data Patterns to define the type of data you want to filter (such as social security numbers or document titles that contain the word “confidential”). You can add several data pattern objects to a single Data Filtering profile and, when attached to a Security policy rule, the firewall scans allowed traffic for each data pattern and blocks matching traffic based on the data filtering profile settings.
Data Filtering Profile Settings
Enter a profile name (up to 31 characters). This name appears in the list of log forwarding profiles when defining security policies. The name is case-sensitive and must be unique. Use only letters, numbers, spaces, hyphens, and underscores.
Enter a description for the profile (up to 255 characters).
Select this option if you want the profile to be available to:
Disable override (
Select this option to prevent administrators from overriding the settings of this Data Filtering profile in device groups that inherit the profile. This selection is cleared by default, which means administrators can override the settings for any device group that inherits the profile.
Select this option to automatically collect the data that is blocked by the filter.
Specify the applications to include in the filtering rule:
Specify the file types to include in the filtering rule:
Specify whether to apply the filter in the upload direction, download direction, or both.
Specify the number of times the data pattern must be detected in a file to trigger an alert.
Block files that contain at least this many instances of the data pattern.
Define the log severity recorded for events that match this data filtering profile rule.