Guides
ProductDeveloper
Guides

Enable File Type Control

With Umbrella's File Type Control, you can manage the types of files that identities can download. Umbrella checks a file based on its file extension and uses a detection engine to evaluate the file. For example, if a .gif files extension is changed to .xyz, Umbrella will still detect that the file is a .gif.

Note: File Type Control can only be enabled through the Web policy's rulesets.

Table of Contents

Prerequisites

Procedure

  1. Navigate to Policies > Management > Web Policy and click Add or expand an existing ruleset.
1162
  1. Under Ruleset Settings, for File Type Control, click Edit.
1215
  1. Select file types to be blocked and click Save.
720
  1. Expand a group to choose specific file types. For more information about available file types, see File Types to Block.
    Note: When an entire file type group is selected, all future file types added to that group are also blocked.
720

Note: You must also enable HTTPS inspection.

  1. For HTTPS Inspection, click Edit and select Enable HTTPS Inspection.
722
  1. From the pull-down menu, optionally select a preconfigured Selective Decryption List.
    This preconfigured Selective Decryption List contains content categories and domains to be exempted from HTTPS inspection for the ruleset.
722

File Type Control Outcomes Through Rule Actions

File Type Control configuration at the ruleset level can only be overridden with the rule action, Allow (with security overridden).

  • Allow (with security applied)—Any file types matching the parent ruleset’s File Type Control configuration will be blocked.
  • Allow (with security overridden)—The parent ruleset’s File Type Control configuration will be ignored. For more information, see Override Security.
  • Warn—When the end-user clicks through the warning page to proceed, any file types matching the parent ruleset’s File Type Control configuration will be blocked.
  • Block—The transaction is stopped and the parent ruleset’s File Type Control configuration is irrelevant.
  • Isolate—If the end-user chooses to download a file from the isolated remote browser’s document viewer, any file types matching the parent ruleset’s File Type Control configuration will be blocked.

👍

Blocking some file types may cause a website not to display correctly.


Manage File Type Control < Enable File Type Control > File Types to Block