The Umbrella User Guide Developer Hub

Welcome to the Umbrella User Guide developer hub. You'll find comprehensive guides and documentation to help you start working with Umbrella User Guide as quickly as possible, as well as support if you get stuck. Let's jump right in!

Get Started    

Enable File Inspection for the Web Policy

For the Web policy, File Inspection is enabled through a ruleset. File Inspection uses Cisco's Advanced Malware Protection (AMP) as well as Umbrella's antivirus engines to scan for malicious files. Once inspections are complete, a file is either delivered or the connection is terminated and the user is served the IP of the block page.

Once you have enabled File Inspection, to monitor and review Umbrella's inspection activities, use the Security Activity and Activity Search reports.

Note: You must first enable File Inspection before you can Enable Threat Grid Malware Analysis.



By default, File Inspection is enabled.

  1. Navigate to Policies > Management > Web Policy and click Add or expand an existing ruleset.
  1. Under Ruleset Settings, for File Analysis, click Edit.
  1. Enable File Inspection and click Save.
  1. For HTTPS Inspection, click Edit and select Enable HTTPS Inspection.
    Note: Although not required, we recommend enabling HTTPS Inspection.
  1. From the pull-down menu, optionally select a preconfigured Selective Decryption List.
    This preconfigured Selective Decryption List contains content categories and domains to be exempted from HTTPS inspection for the ruleset.
  1. Click Save.

Enable File Inspection for DNS Policies < Enable File Inspection for the Web Policy > Enable Threat Grid Malware Analysis

Updated about a month ago

Enable File Inspection for the Web Policy

Suggested Edits are limited on API Reference Pages

You can only suggest edits to Markdown body content, but not to the API spec.