Objects > Security Profiles > File Blocking
You can attach a File Blocking profile to a Security policy rule (Policies > Security) to block users from uploading or downloading specified file types or to generate an alert when a user attempts to upload or download specified file types.
For the best security, apply the predefined strict profile. If you need to support critical applications that use a file type which the strict profile blocks, clone the strict profile and make only the file type exceptions you need. Apply the cloned profile to a Security Policy rule that restricts the exception to only the sources, destinations, and users that need to use the file type. You can also use Direction to restrict the exception to uploading or downloading.
If you don’t block all Windows PE files, send all unknown files to WildFire for analysis. For user accounts, set the Action to continue to help prevent drive-by downloads where malicious web sites, emails, or pop-ups cause users to inadvertently download malicious files. Educate users that a Continue prompt for a file transfer they didn’t knowingly initiate may mean they are subject to a malicious download.
The following tables describe the file blocking profile settings.
File Blocking Profile Settings
Enter a profile name (up to 31 characters). This name appears in the list of file blocking profiles when defining security policies. The name is case-sensitive and must be unique. Use only letters, numbers, spaces, hyphens, and underscores.
Enter a description for the profile (up to 255 characters).
Shared (Panorama only)
Select this option if you want the profile to be available to:
Disable override (Panorama only)
Select this option to prevent administrators from overriding the settings of this File Blocking profile in device groups that inherit the profile. This selection is cleared by default, which means administrators can override the settings for any device group that inherits the profile.
Define one or more rules to specify the action taken (if any) for the selected file types. To add a rule, specify the following and click Add:
Set Up File Blocking
Set Up File Blocking File Blocking Profiles allow you to identify specific file types that you want to want to block or monitor. For most ...
Create the Data Center Best Practice File Blocking Profile
Protect you data center from file types that you don’t use and that don’t belong there. ...
Create Best Practice Security Profiles for the Internet Gat...
Use these File Blocking settings as a best practice at your internet gateway. ...
Device > Response Pages
Device > Response Pages Custom response pages are the web pages that display when a user tries to access a URL. You can provide a ...
Security Profiles While security policy rules enable you to allow or block traffic on your network, security profiles help you define an allow but scan ...
Transition File Blocking Profiles Safely to Best Practices
Apply File Blocking profiles to allow rules to protect against risky file types used in malware campaigns without risking application availability. ...
Objects > Security Profiles > Data Filtering
Objects > Security Profiles > Data Filtering Data filtering enables the firewall to detect sensitive information—such as credit card or social security numbers or internal ...
Forward Files for WildFire Analysis
Forward Files for WildFire Analysis Configure Palo Alto Networks firewalls to forward unknown files or email links and blocked files that match existing antivirus signatures ...
New Security-Focused URL Categories
Use the new security-focused URL categories to implement simple security and decryption policies based on website safety, without requiring you to research and individually assess ...