Blocking all files upload

Reply
Highlighted
L1 Bithead

Blocking all files upload

Hi, 

 

Anyone has ever figured out how to block any inside hosts to upload any kind of file outside, but still allowing web browsing? The file blocking option support only specific type of files... and the APP-ID database doesn't have any king of basic http or https upload APP-ID.

 

I know it's not the better protection to configure but I'm trying to block any kind of file that is truing to be uploaded.

 

Thanks, 

Highlighted
L3 Networker

Hmmm I thought you could choose ANY in Filetypes, Im assuming that even when you do choose ANY it still doesnt work? 

Highlighted
L1 Bithead

Exactly ANY = ANY files in the supported list in file blocking... so not really ANY files type...

 

So not really scalable.

Highlighted
L6 Presenter

@mchartier,

 

Currently the possible way to configure it is on the basis on APP-IDs like FTP, Dropbox etc instead of file types.

The other workaround will be - Create Custom Signature and limit file size upload. You can keep limit to minimal.

 

Mayur



Mayur
Highlighted
L3 Networker

We have a similar policy like that, acces to online storage is denied through our default Internet URL policy.
We have another policy that allows access to online storage if you are a member of a specific AD group.
We also have a "read-only" policy that allows everyone access to the approved applications within online storage category and underneath the read-only policy is another policy that denies upload via app ID. I know that theorhetically we do not need the extra policy denying upload but I think it adds an extra layer of security.

Hope that makes sense. 

Highlighted
L1 Bithead

The only problem with that is that it can be easily bypassed by using a simple http post on a website that is not categorize like Online storage... but at least it's a start we all do. 

 

 

Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the Live Community as a whole!

The Live Community thanks you for your participation!