Set Up File Blocking on Cloud NGFW for AWS

File Blocking allows you to identify specific file types that you want to want to block or monitor. For most traffic (including traffic on your internal network), block files that are known to carry threats or that have no real use case for upload/download. These include batch files, DLLs, Java class files, help files, Windows shortcuts (.lnk), and BitTorrent files.
Cloud NGFW can take the following actions on files moving through your network.
  • Alert
    —When the specified file type is detected, a log is generated in the data filtering log.
  • Block
    —When the specified file type is detected, the file is blocked and a customizable block page is presented to the user. A log is also generated in the data filtering log.
  • Continue
    —When the specified file type is detected, a response page is presented to the user. The user can click through the page to download the file. A log is also generated in the data filtering log. Because this type of forwarding action requires user interaction, it is only applicable for web traffic.
In addition, you can allow or block file types based on the direction they are going—Download, Upload, or Upload and Download.
  1. Select
    Rulestacks
    and select a previously-created rulestack on which to configure file blocking.
  2. Select
    Security Profiles
    Malware and File-based Threat Protection
    File Blocking
    Edit
    .
  3. Select the file type or types from the displayed list.
  4. Set the
    Action
    and
    Direction of traffic
    for the selected file types from the drop-downs.
  5. Click
    Save
    .

Recommended For You