01-10-2012 10:26 AM
Our current file blocking policy blocks zip files, however, users are getting blocked from downloading compressed Office documents. Office 2007 and 2010 save files in the docx, pptx, xlsx type extensions. They are technically zip files, since you can change the extension to .zip and it will open in a zip program.
The thought was to create a custom signature to allow these files, since the following seems to be persistent.
The file starts with: 50 4B 03 04 14 00 06 00 08 00 00 00 21 00
At offset 1E, it contains: 5B 43 6F 6E 74 65 6E 74 5F 54 79 70 65 73 5D 2E 78 6D 6C (this is the description for the file name [Content_Types].xml, which appears in these types of files)
Is there a way to make this work?
Thanks,
Carlo
01-11-2012 01:58 AM
I guess so, take a look at rkim's first reply in https://live.paloaltonetworks.com/thread/2898?tstart=0 for guidelines on how to submit app requests.
01-11-2012 01:58 AM
I guess so, take a look at rkim's first reply in https://live.paloaltonetworks.com/thread/2898?tstart=0 for guidelines on how to submit app requests.
01-19-2012 10:55 AM
How do I create a custom application or data filtering profile for this?
01-19-2012 11:21 AM
If I could do a pattern match in the context of file-ZIP-body, that would help, but that doesn't seem to exist.
02-03-2015 01:41 AM
We have the same problem. I'm looking for ...
Do you know any solution?
:smileyconfused:
Regards,
02-04-2015 02:27 AM
hi,
feature request already open: FR ID:1829
please contact your SE to vote for it! I already did and we need more votes 
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!
