You can attach a File Blocking profile to a Security
policy rule (Policies
> Security) to block users from uploading or downloading
specified file types or to generate an alert when a user attempts
to upload or download specified file types.
Enter a profile name (up to 31 characters).
This name appears in the list of file blocking profiles when defining
security policies. The name is case-sensitive and must be unique.
Use only letters, numbers, spaces, hyphens, and underscores.
Enter a description for the profile (up
to 255 characters).
Select this option if you want the profile
to be available to:
Every virtual system (vsys) on
a multi-vsys firewall. If you clear this selection, the profile
will be available only to the
Every device group on Panorama. If you clear this selection,
the profile will be available only to the
Disable override (
Select this option to prevent administrators
from overriding the settings of this File Blocking profile in device groups
that inherit the profile. This selection is cleared by default, which
means administrators can override the settings for any device group
that inherits the profile.
Define one or more rules to specify the
action taken (if any) for the selected file types. To add a rule,
specify the following and click
a rule name (up to 31 characters).
—Select the applications
the rule applies to or select
—Click in the file types
field and then click
to view a list of
supported file types. Click a file type to add it to the profile
and continue to add additional file types as needed. If you select
the defined action is taken on all supported file types.
—Select the direction of
the file transfer (
—Select the action taken when
the selected file types are detected:
—An entry is added to the threat
—The file is blocked.
—A message to the user indicates
that a download has been requested and asks the user to confirm
whether to continue. The purpose is to warn the user of a possible
unknown download (also known as a drive-by-download) and to give
the user the option of continuing or stopping the download.
you create a file blocking profile with the action
you can only choose the application
you choose any other application, traffic that matches the Security
policy rule will not flow through the firewall due to the fact that
the users will not be prompted with a continue page.