What is the reason that the Applications field within File Blocking Profiles only allow a subset of all applications? For instance, I have a file blocking profile that alerts on several file extensions for webmail applications I've specified, and I'm trying to add meetup-email, startmail, and zimbra, but these are not available.
I thought perhaps the file block profiles only allow applications that have the "Capable of file transfer" characteristic, but all the apps I've mentioned have it.
have you checked if adding web-browsing to file blocking does work, as zimbra etc rely on http for their transport (and you set up ssl decryption)
Sure, you could add web-browsing, but then the file blocking profile would apply to much more traffic than the webmail apps I'm trying to alert/block on. I suppose a workaround would be creating a seperate security policy with only the webmail apps specalong with a seperate file blocking profile for it and select 'any' apps in the file blocking profile.
Still wondering why there is a limited subset of apps within file blocking profiles though.
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!