https://live.paloaltonetworks.com/t5/general-topics/file-blocking-for-allowing-specific-file-type-to-be-download/m-p/395969#M91326 <P>Hi <a href="https://live.paloaltonetworks.com/t5/user/viewprofilepage/user-id/167254">@Vijaygvasan</a> ,</P> <P>&nbsp;</P> <P>Your suggestion to decrypt the traffic is the way to go in my humble opinion.</P> <P>&nbsp;</P> <P>I'm afraid that without a decryption policy, file blocking just won't do a decent job.&nbsp; You won't have any visibility inside any HTTPS traffic and you won't be able to block anything using file blocking this way.</P> <P>&nbsp;</P> <P>If you don't want to use a decryption policy then I suggest that you use some form of endpoint protection (Cortex XDR ?) but I'm not sure it allows for the same granularity.</P> <P>&nbsp;</P> <P>Cheers,</P> <P>-Kiwi.</P> <DIV id="ConnectiveDocSignExtentionInstalled" data-extension-version="1.0.4">&nbsp;</DIV> Tue, 06 Apr 2021 08:53:11 GMT kiwi 2021-04-06T08:53:11Z https://live.paloaltonetworks.com/t5/general-topics/file-blocking-for-allowing-specific-file-type-to-be-download/m-p/395638#M91295 <P>Hi guys,</P><P>&nbsp;</P><P>I have query regarding fileblocking where i just want to allow certain type of file to be downloaded and uploaded for specific file type. So for example. im allowing exe extension for microsoft.com and i provided the option to alert. And when i first made a request for the webpage it works as expected. But when i tried request for different website i did get the response page from that website as well. And im also able to see that the exe file gets to be downloaded on different website. So i created a deny rule for blocking exe for any destination. But still im able to see that i could download the files on different website.</P><P>&nbsp;</P><P>My suggestion was to go with Decrypting the traffic and making those who need to download can have access for that. But i just need all your inputs to do this without decrypting.</P><P>&nbsp;</P><P>Attached is the allow for the traffic and the second one is deny on the file blocking profile.</P> Sat, 03 Apr 2021 04:34:23 GMT https://live.paloaltonetworks.com/t5/general-topics/file-blocking-for-allowing-specific-file-type-to-be-download/m-p/395638#M91295 Vijaygvasan 2021-04-03T04:34:23Z https://live.paloaltonetworks.com/t5/general-topics/file-blocking-for-allowing-specific-file-type-to-be-download/m-p/395969#M91326 <P>Hi <a href="https://live.paloaltonetworks.com/t5/user/viewprofilepage/user-id/167254">@Vijaygvasan</a> ,</P> <P>&nbsp;</P> <P>Your suggestion to decrypt the traffic is the way to go in my humble opinion.</P> <P>&nbsp;</P> <P>I'm afraid that without a decryption policy, file blocking just won't do a decent job.&nbsp; You won't have any visibility inside any HTTPS traffic and you won't be able to block anything using file blocking this way.</P> <P>&nbsp;</P> <P>If you don't want to use a decryption policy then I suggest that you use some form of endpoint protection (Cortex XDR ?) but I'm not sure it allows for the same granularity.</P> <P>&nbsp;</P> <P>Cheers,</P> <P>-Kiwi.</P> <DIV id="ConnectiveDocSignExtentionInstalled" data-extension-version="1.0.4">&nbsp;</DIV> Tue, 06 Apr 2021 08:53:11 GMT https://live.paloaltonetworks.com/t5/general-topics/file-blocking-for-allowing-specific-file-type-to-be-download/m-p/395969#M91326 kiwi 2021-04-06T08:53:11Z https://live.paloaltonetworks.com/t5/general-topics/file-blocking-for-allowing-specific-file-type-to-be-download/m-p/395988#M91328 <P>Thanks buddy, I have made the decryption policy anyways and im able to block and allow the traffic as intended. Also i could face a bit of slowness issue it takes more time than usual to load web pages. basic web browsing like yahoo, times of india, speed test etc. So will there be any option to check whether and why it takes long time.</P> Tue, 06 Apr 2021 10:21:47 GMT https://live.paloaltonetworks.com/t5/general-topics/file-blocking-for-allowing-specific-file-type-to-be-download/m-p/395988#M91328 Vijaygvasan 2021-04-06T10:21:47Z