Cloud NGFW for AWS
Configure File Blocking on Cloud NGFW for AWS
Table of Contents
Configure File Blocking on Cloud NGFW for AWS
Learn how to setup file blocking on your Cloud NGFW for AWS resource.
| Where Can I Use This? | What Do I Need? |
|---|---|
|
|
File blocking allows you to identify specific file types that you want to block or
monitor. For most traffic (including traffic on your internal network), block files
that are known to carry threats or that have no real use case for upload and
download. These include batch files, DLLs, Java class files, help files, Windows
shortcuts (.lnk), and BitTorrent files.
Cloud NGFW can take the following actions on files moving through your network.
- Alert—When the specified file type is detected, a log is generated in the data filtering log.
- Block—When the specified file type is detected, the file is blocked and a customizable block page is presented to the user. A log is also generated in the data filtering log.
- Continue—When the specified file type is detected, a response page is presented to the user. The user can click through the page to download the file. A log is also generated in the data filtering log. Because this type of forwarding action requires user interaction, it's only applicable for web traffic.
In addition, you can allow or block file types based on the direction they are
going—Download, Upload, or Upload and Download.
- Select Rulestacks and select a previously created rulestack on which to configure file blocking.
- Select .
- Select the file type from the displayed list.
- Set the Action and Direction of traffic for the selected file types from the drop-downs.
- Click Save.
Change the File Blocking Profile
By default, the file blocking profile is set to Best
Practice. To change the file blocking profile:
- In the Malware and File-based Threat Protection screen, navigate to File Blocking.
- Use the drop-down to select Custom.
- Open the Cloud NGFW console. Navigate to .
- In the Set Action drop-down, change the action to Alert or Continue.
