Forbidden File Type Control

Forbidden File Type Control

You can use Application Control to prevent risky or forbidden file types (for example, exe, vbs, scr, dll, avi, mov) from being uploaded or downloaded.

To prevent risky or forbidden file types from being uploaded or downloaded:

1

Navigate to Firewall > Match Objects .

2

Click Add New Match Object.

3

Create an object like this one:

4

Navigate to Firewall > Action Objects.

5

Click Add New Action Object.

6

Create an action like this one.

To create a policy that uses this object and action:

1

Navigate to Firewall > App Rules.

2

Click Add New Policy.

3

Create a policy like this one:

4

To test this policy, you can open a Web browser and try to download any of the file types specified in the match object (exe, vbs, scr). Here are a few URLs that you can try:

http://download.skype.com/SkypeSetup.exe

http://us.dl1.yimg.com/download.yahoo.com/dl/msgr8/us/msgr8us.exe

http://g.msn.com/8reen_us/EN/INSTALL_MSN_MESSENGER_DL.EXE

You will see an alert similar to the one shown below.