File Types and Applications regarding SSL Decryption

Showing results for 
Show  only  | Search instead for 
Did you mean: 

File Types and Applications regarding SSL Decryption

L3 Networker

Hi All,

I don't have content Filter License.

am I required to configure ssl decryption to block internet applications or file types?

shall I've a content filter license to configure ssl decryption or not?

Also I'm facing other Issues,

to open internet access for users, I open web-browsing application and ssl.

while I'm trying to brows the internet I find YouTube is allowed also. and I can't block it anyway until I remove ssl from the applications. which causes all the HTTPS sites not to work.

another issue is that I configure a policy between the users and my the file server to allow applications ( ms-ds-smb, msrpc, netbios-ns, netbios-ss, netbios-dg, ping) and drop some file types

Like exe files. and nothing happens. So the users can upload and download exe files from the file server.

how all these issues can be resolved.




Hi Panos,

here you are the required outtput

admin@PA-SRV-2# show profiles file-blocking "prevent on file server"

"prevent on file server" {

  rules {

    "Standard users" {

      application any;

      file-type [ apk avi avi-divx avi-xvid bat cab class dll exe flv hta jar mov mp3 mp4 reg rm torrent wmv wsf];

      direction both;

      action block;




admin@PA-SRV-2# show rulebase security rules FileServer-Rule

FileServer-Rule {

  option {

    disable-server-response-inspection no;


  from any;

  to any;

  source Sukari-Clients;

  destination FileServer-Group;

  source-user any;

  category any;

  application FileServer-Apps;

  service application-default;

  hip-profiles any;

  action allow;

  log-start yes;

  log-end yes;

  negate-source no;

  negate-destination no;

  disabled no;

  profile-setting {

    profiles {

      file-blocking "prevent on file server";

      virus Antivirus-Block;

      spyware Anti-Spyware-Profile;

      vulnerability "Vulnerability Profile";




and also the traffic is matching the rule to the file server.

any recommendation?


Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!