Enable File Type Control
With Umbrella's File Type Control, you can manage the types of files that identities can download. Umbrella checks a file based on its file extension and uses a detection engine to evaluate the file. For example, if a .gif files extension is changed to .xyz, Umbrella will still detect that the file is a .gif.
Note: File Type Control can only be enabled through the Web policy's rulesets.
Table of Contents
- Full admin access to the Umbrella dashboard. See Manage User Roles.
- Navigate to Policies > Management > Web Policy and click Add or expand an existing ruleset.
![web-policy.png 1162](https://files.readme.io/c00fc45-web-policy.png)
- Under Ruleset Settings, for File Type Control, click Edit.
![disabled_file_inspection.png 1215](https://files.readme.io/df56548-disabled_file_inspection.png)
- Select file types to be blocked and click Save.
![selected_filetypes.png 720](https://files.readme.io/620e74c-selected_filetypes.png)
- Expand a group to choose specific file types. For more information about available file types, see File Types to Block.
Note: When an entire file type group is selected, all future file types added to that group are also blocked.
![specific_file_type.png 720](https://files.readme.io/e8d1912-specific_file_type.png)
Note: You must also enable HTTPS inspection.
5. For HTTPS Inspection, click Edit and select Enable HTTPS Inspection.
![https_inspection_select.png 722](https://files.readme.io/b06c1af-https_inspection_select.png)
- From the pull-down menu, optionally select a preconfigured Selective Decryption List.
This preconfigured Selective Decryption List contains content categories and domains to be exempted from HTTPS inspection for the ruleset.
![enable_https_inspection.png 722](https://files.readme.io/1f0cf12-enable_https_inspection.png)
###File Type Control Outcomes Through Rule Actions
File Type Control configuration at the ruleset level can only be overridden with the rule action, Allow (with security overridden).
- Allow (with security applied)—Any file types matching the parent ruleset’s File Type Control configuration will be blocked.
- Allow (with security overridden)—The parent ruleset’s File Type Control configuration will be ignored. For more information, see Override Security.
- Warn—When the end-user clicks through the warning page to proceed, any file types matching the parent ruleset’s File Type Control configuration will be blocked.
- Block—The transaction is stopped and the parent ruleset’s File Type Control configuration is irrelevant.
- Isolate—If the end-user chooses to download a file from the isolated remote browser’s document viewer, any file types matching the parent ruleset’s File Type Control configuration will be blocked.
Blocking some file types may cause a website not to display correctly.
Manage File Type Control < Enable File Type Control > File Types to Block
Updated 8 months ago