-
Products
-
SonicPlatform
SonicPlatform is the cybersecurity platform purpose-built for MSPs, making managing complex security environments among multiple tenants easy and streamlined.
Discover More
-
-
Solutions
-
Federal
Protect Federal Agencies and Networks with scalable, purpose-built cybersecurity solutions
Learn MoreFederalProtect Federal Agencies and Networks with scalable, purpose-built cybersecurity solutions
Learn More - Industries
- Use Cases
-
-
Partners
-
Partner Portal
Access to deal registration, MDF, sales and marketing tools, training and more
Learn MorePartner PortalAccess to deal registration, MDF, sales and marketing tools, training and more
Learn More - SonicWall Partners
- Partner Resources
-
-
Support
-
Support Portal
Find answers to your questions by searching across our knowledge base, community, technical documentation and video tutorials
Learn MoreSupport PortalFind answers to your questions by searching across our knowledge base, community, technical documentation and video tutorials
Learn More - Support
- Resources
- Capture Labs
-
- Company
- Contact Us
How to Block Transmission of Credit Card and Social Security Numbers Over Email
03/26/2020 
11 People found this article helpful
484,923 Views
Description
Reassembly-Free Regular Expressions for DPI Engine
Starting with SonicOS 5.9, SonicWall has added reassembly-free regular expression functionality to the SonicWall Reassembly-Free Deep Packet Inspection (RF-DPI) engine. This proprietary implementation of regular expression matching does not require any buffering of the input content and works across packet boundaries. Users can now apply regular expressions to match objects in App Rules and use them across all currently supported application protocols and policy types. SonicWall supports perl-compatible regular expressions syntax. A few typical regular expression features are not supported: In this release SonicWall does not support back-references and does not provide substitution or translation functionality since regular expressions are used only for inspection of network traffic—not for modifying any part of the traffic.
The following predefined regular expressions are available in match objects:
- VISA CC
- US SSN
- CANADIAN SIN
- ABA ROUTING NUMBER
- AMEX CC
- MASTERCARD CC
- DISCOVER CC
This article describes how to configure these predefined regular expressions to block transmission of Credit Card and Social Security numbers over SMTP and POP3.
Resolution
Block outbound mail (SMTP) containing credit card numbers, social security numbers and ABA routing numbers.
- Login to the SonicWall management GUI
- Navigate to the Manage | Objects | Match Objects
- Click on Add New Match Object.
- In the Add/Edit Match Object window, enter the following:
- Name: Specify a name for this match object
- Match Object Type: File Content
- Match Type: Regex Match. Note: The pre-defined regular expression list will be displayed only on selecting Regex Match as Match Type,
- Select any of the following from the Pre-defined Regular Expression drop-down list and click on Pick.
- VISA CC
- US SSN
- CANADIAN SIN
- ABA ROUTING NUMBER
- AMEX CC
- MASTERCARD CC
- DISCOVER CC
- For the purpose of this article we select VISA CC
- Click on OK to save.
Note: Match object type File Content can only be used in App Rule policies with App Rule Policy Type of SMTP Client, FTP Data Transfer
Navigate to the Manage | Rules | App Rules page.
Click on Add New Policy and create the following App Rule policy:
- Policy Type: SMTP Client
- Service Destination: SMTP
- Match Object: PII
- Action Object: Reset/Drop
- Direction: Both
Block inbound mail (POP3) containing credit card numbers, social security numbers and ABA routing numbers.
- Navigate to the Manage | Objects |Match Objects
- Click on Add New Match Object.
- In the Add/Edit Match Object window, enter the following:
- Name: Specify a name for this match object
- Match Object Type: Email Body
- Match Type: Regex Match. Note: The pre-defined regular expression list will be displayed only on selecting Regex Match as Match Type,
- Select any of the following from the Pre-defined Regular Expression drop-down list and click on Pick.
- VISA CC
- US SSN
- CANADIAN SIN
- ABA ROUTING NUMBER
- AMEX CC
- MASTERCARD CC
- DISCOVER CC
- For the purpose of this article we select VISA CC
- Click on OK to save.
Navigate to te Manage |Rules | App Rules page.
Click on Add New Policy and create the following App Rule policy:
- Policy Type: POP3 Server
- Service: POP3 (Retrieve E-Mail)
- Match Object: Visa
- Action Object: Reset/Drop
- Connection Side: Server Side
Related Articles
- How to Block Google QUIC Protocol on SonicOSX 7.0?
- How to block certain Keywords on SonicOSX 7.0?
- How internal Interfaces can obtain Global IPv6 Addresses using DHCPv6 Prefix Delegation
Categories
- Firewalls > NSa Series > Application Firewall
- Firewalls > NSv Series > Application Firewall
- Firewalls > TZ Series > Application Firewall
YES
NO