https://live.paloaltonetworks.com/t5/advanced-threat-prevention/executable-blocking-on-a-network-drive/m-p/589913#M2235 <P>The directory path is: c:\server_services\shared\buy.exe.</P> Wed, 19 Jun 2024 15:07:55 GMT aalfaro 2024-06-19T15:07:55Z https://live.paloaltonetworks.com/t5/advanced-threat-prevention/executable-blocking-on-a-network-drive/m-p/589730#M2234 <P>Cordial greetings</P> <P>Team</P> <P>Currently some users are trying to download an .exe file located in a server directory path.</P> <P>As I mentioned, the download is using the ms-ds-smbv3 protocol and is being stopped by the File-Blocking profile. We have performed the exclusion by creating a Category url (assuming the download was done by querying a URL) but evidently it did not work, as the location is on a network share c:\server_services_shared_drive.exe.</P> <P>How could the exclusion of this file only be done, as, I could do an eclusion by signature id 52020 but by doing this I am leaving a very large gap of excluding any .exe and we don't want that.</P> <P>I look forward to your comments and/or possible solutions.</P> Mon, 17 Jun 2024 20:25:50 GMT https://live.paloaltonetworks.com/t5/advanced-threat-prevention/executable-blocking-on-a-network-drive/m-p/589730#M2234 aalfaro 2024-06-17T20:25:50Z https://live.paloaltonetworks.com/t5/advanced-threat-prevention/executable-blocking-on-a-network-drive/m-p/589913#M2235 <P>The directory path is: c:\server_services\shared\buy.exe.</P> Wed, 19 Jun 2024 15:07:55 GMT https://live.paloaltonetworks.com/t5/advanced-threat-prevention/executable-blocking-on-a-network-drive/m-p/589913#M2235 aalfaro 2024-06-19T15:07:55Z