The Umbrella User Guide Developer Hub

Welcome to the Umbrella User Guide developer hub. You'll find comprehensive guides and documentation to help you start working with Umbrella User Guide as quickly as possible, as well as support if you get stuck. Let's jump right in!

Get Started    

Enable File Inspection for the Web Policy

For the Web policy, File Inspection is enabled through a ruleset. File Inspection uses Cisco's Advanced Malware Protection (AMP) as well as Umbrella's antivirus engines to scan for malicious files. Once inspections are complete, a file is either delivered or the connection is terminated and the user is served the IP of the block page.

Note: You must first enable File Inspection before you can enable Threat Grid Malware Analysis.

Monitor and Review File Inspection

Once you have enabled File Inspection, to monitor and review Umbrella's inspection activities, use the Security Activity and Activity Search reports. For more information, see Review File Inspection Through Reports.

Before You Start — Install a Root Certificate

A root certificate must be installed on all machines. For more information, see Manage Certificates.

Enable File Inspection for a Web Policy

By default, File Inspection is enabled.

  1. Navigate to Policies > Management > Web Policy and click Add or expand an existing ruleset.
  2. Under Ruleset Settings, for File Analysis, click Edit.
  1. Enable File Inspection and click Save.
  1. For HTTPS Inspection, click Edit and select Enable HTTPS Inspection.
    Note: Although not required, we recommend enabling HTTPS Inspection.
  1. From the pull-down menu, optionally select a preconfigured Selective Decryption List.
    This preconfigured Selective Decryption List contains content categories and domains to be exempted from HTTPS inspection for the ruleset.
  1. Click Save.

Enable File Inspection for DNS Policies < Enable File Inspection for the Web Policy > Test File Analysis

Updated 6 months ago

Enable File Inspection for the Web Policy

Suggested Edits are limited on API Reference Pages

You can only suggest edits to Markdown body content, but not to the API spec.