blocking audio/video via File blocking Security Profiles but most filetypes are missing

cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements
Please sign in to see details of an important advisory in our Customer Advisories area.

blocking audio/video via File blocking Security Profiles but most filetypes are missing

L1 Bithead

Hello,

I'm running 3.1 und want to create a profile to block common audio/video-content in general but can't find most of the corresponding file-types to select, i.e. mp3, mp4, xvid, divx, rm, mkv .. ( although some are numbered in file-type list of nrice )

Any idea to cover this ?

6 REPLIES 6

L3 Networker

Are there no applications you can use for this instead?

Or is that not an option in your case? Like setup an application filter containing:

category: media

subcategory: audio-streaming

category: media

subcategory: photo-video

Another method worth investigating might be to setup a custom url-category where you set the urls to:

*.mp3

*.mp4

and so on... the downside is the false-positives if you visit a page that ends in lets say .mp3 but its actually an html-page (or for that matter if you have clients running ie who ignores the ending and goes for the magic bytes instead - like an url which ends with .htm but its actually an exe-file and so on).

L1 Bithead

Any news on this, as the suggested solution is not really applicable (in my case anyway) ?

You may want to submit a feature request through your SE for the file types you need.  We have the signatures for all of those on the list your are referring to but some (such as MP3) have not been tested and released yet.  The only files supported at this time are those that appear under File Blocking on the Objects tab.

Hello again,

I still can't see a major improvement in common audio/video-formats available for blocking.

Blocking applications or subparts of it like suggested has become harder ( V3.1.x ) because of the applications dependeny problems

listed during config-validation, which themselve ( if trying to resolve ) cause other issues e.g. with URL-policiy handling.

If you have them available ( as noted ), why don't you allow us customers to test under real-life conditions.

It would be better than to have nothing, and I asume a high ( maybe not perfect ) detection rate.

One more thing that would be very helpful would be to negate users/group in a policy ( like negating ip-addresses )

Kind Regards

Franz Leippert

Hi Frank,

As regards availability of audio/video file formats, did you already correspond with your SE/partner regarding the formats you are looking for (I know you have mentioned some formats in your initial email but just wanted to make sure that we have the complete and prioritized list).  I have passed your feedback regarding negate user/group to relevant folks.

Thanks for your feedback,

Sandeep

Hello Sandeep,

I'll check on this again with my partner

Kind Regards

Franz Leippert

  • 3963 Views
  • 6 replies
  • 0 Likes
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!