File Blocking and the Continue Action

cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 

File Blocking and the Continue Action

L0 Member

Hello,

I understand the main purpose of the continue action, and the additional level of effort the end user must take to ensure they intended to download a specific file.  Can anyone verify that the continue feature works if someone was trying to upload a file?  Think of a scenario where a company roles out a new AUP and they are trying to ease the employees into following corporate policy for data being sent through a means deemed unacceptable.  It would be nice if you could set a custom block, or continue page to notify the end user that the chosen transfer medium may no longer be in compliance with corporate policy.

It would be fair easy to test, but unfortunately I don't have a way to test tonight, and kind of need a quick answer.  If anyone has any input it would be greatly appreciated!

Thanks in advice,

jc   

1 accepted solution

Accepted Solutions

Jason,

The upload action should work in the case of file upload to drop-box with the security rule as mentioned above in the security rule.

Regards

Parth

View solution in original post

5 REPLIES 5

L4 Transporter

The file blocking feature

You should be having the direction set to "both"  in the file blocking profile.

Since the traffic is governed through the security policies in the firewall, it is all zone based.

The security profile that needs to be applied to the policies should be the following across the zones. For example , say block .exe files.

blk-exe.PNG

pro.PNG

Security Rule in this case would be the following:-

sec-rul1.PNG

The file block page/custom page will be displayed for the file types ".exe" through across the zones. The file type should match with the type set for either "block" or "continue" to trigger the response page.

If you need to set up custom page, you can upload under Device>Response Page

res.PNG

Let me know if that helps.

Regards

Parth

Thank you for your quick response Parth,

I understand that the security profile needs to be associated to a specific zone, but my main concern is the fact that I can not find anywhere stating that if user A opens a .pdf file (or a .exe in your example), and tries to push that file through the egress traffic of the Trust to the Untrust zones to Dropbox/Google Drive and I have a rule setup similar to yours but it states upload instead of both have continue instead of block...will that user be challenged with a continue page.

Wow, I really just wrote a paragraph using one sentence...need sleep.  Thanks again Parth I really appreciate it.  I hope this makes sense and if you can just verify that the outcome would be the same I am 100% happy.  I am trying to complete a final document, and have been assuming that this just worked and when I logged into the response page to edit a custom page for them I noticed it said downloads, and never mentioned uploading.  Thats what made me second guess everything.

I really appreciate the time you took to help out seriously!

jc

Jason,

The upload action should work in the case of file upload to drop-box with the security rule as mentioned above in the security rule.

Regards

Parth

Awesome Parth,

Thank you again my friend, I really appreciate it!  Your input has been a huge benefit.

Anytime Jason Smiley Happy

If there are any issues with this, please open a support ticket and we will be able to assist you.

Have fun!!!

Regards

Parth

  • 1 accepted solution
  • 4694 Views
  • 5 replies
  • 0 Likes
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!