How to use MyDLP with an existing Fortinet UTM

Posted by:

  1. This article already assumes that you have installed MyDLP and DLP functions working properly.
  2. This article already assumes that Fortinet UTM is able to filter web traffic properly.

ICAP Client should be configured for Fortinet UTM.

To be able to configure ICAP from the Fortinet UTM web‑based manager, you must go to System > Admin > Settings > Display Options on GUI and enable ICAP.

Now we should create a new ICAP server definition and related ICAP profiles.

  1. Go to UTM Security Profiles > ICAP ...
Continue Reading →
0

How to integrate MyDLP with AlienVault / OSSIM

Posted by:

  1. This article already assumes that you have installed MyDLP and DLP functions are working properly.
  2. This article already assumes that your AlienVault / OSSIM is functioning properly.

After version MyDLP v0.9.144 (05.09.2012), as defaults, MyDLP is logging to Syslog using CEF (Common Event Format). It makes very easy to integrate with any kind of SIEM solution including AlienVault / OSSIM. MyDLP logs to Syslog using UDP, it is fast, but it is not a very secure way to transfer logs. ...

Continue Reading →
0

Active Directory Integration

Posted by:

MyDLP as a data leakage prevention solution, is able to analyze data transfers or residing data according to source. As an example, you are able to create policy specific to an IP by using Network object. For detailed information you can checkout this tutorial: Policy Rules.. Another way of specifying source for rules is using the Active Directory Users. In order to use your active directory users, you have to integrate MyDLP with your active directory ...

Continue Reading →
0

How to configure smart host for email channels

Posted by:

  1. This article already assumes that you have installed MyDLP and DLP functions working properly.
  2. It is required to ensure that DNS addresses at /etc/resolve.conf of MyDLP server had been properly configured. This is crucial because all email will be re-routed after DLP inspection according to information gathered from these DNS servers.

All you need to do is to add address of your smart host to Postfix MTA on MyDLP server in order to route them to smarthost.

  1. Connect MyDLP Server using SSH
  2. Edit file ...
Continue Reading →
0

Using parent proxy with SSL Bump enabled Squid 3.2

Posted by:

For a while we were waiting for Squid 3.2.x to be release as a stable version of Squid. Finally, it did. But, a small portion of community (including us) were expecting that bug related to using parent proxy with ssl bumping would be resolved. But, it didn’t ( http://www.squid-cache.org/Versions/v3/3.2/RELEASENOTES.html#ss1.1 ) and it will not be till Squid 3.3.

Let me give a brief history about this bug:

  • First, the bug was introduced. People using SSL Bumping were not be able ...
Continue Reading →
1
Page 1 of 4 1234