Can Files be Blocked by Name?

Can Files be Blocked by Name?

43161
Created On 09/25/18 20:39 PM - Last Modified 06/05/23 07:39 AM


Resolution


There's no way to allow or create exceptions under the file blocking profile. The file blocking profile is “type” based and decoders are used to identify the file type, not the file's extension.

 

Workaround

  • Create a Custom URL category and have include the source of file and added in the security rule.
  • Go to Objects > Custom URL Category. Type the source of the exe file.

cu-url-cat.PNG

  • Go to Policies > Security and create a rule to include the custom URL category in Service/URL category of the rule and URL profiles to "allow" the category.

serviceurl.PNG.

  • Create a security rule above the existing rule to block exe file types from the file blocking profile.

sec.PNG

  • Commit the configurations.
    wrar420.exe will be downloaded based on the rule "Allow winrar"

 

Another workaround is to develop a custom signature in custom applications and add it to the security rule.

 

owner: ppatel
Other users also viewed:
Actions
  • Print
  • Copy Link

    https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000CljWCAS&refURL=http%3A%2F%2Fknowledgebase.paloaltonetworks.com%2FKCSArticleDetail

Choose Language