Enable File Type Control
With Umbrella's File Type Control, you can manage the types of files that identities can download. Umbrella checks a file based on its file extension and uses a detection engine to evaluate the file. For example, if a .gif files extension is changed to .xyz, Umbrella will still detect that the file is a .gif.
Note: File Type Control can only be enabled through the Web policy's rulesets.
Table of Contents
- Full admin access to the Umbrella dashboard. See Manage User Roles.
- Navigate to Policies > Management > Web Policy and click Add or expand an existing ruleset.
- Under Ruleset Settings, for File Type Control, click Edit.
- Select file types to be blocked and click Save.
- Expand a group to choose specific file types. For more information about available file types, see File Types to Block.
Note: When an entire file type group is selected, all future file types added to that group are also blocked.
Note: You must also enable HTTPS inspection.
5. For HTTPS Inspection, click Edit and select Enable HTTPS Inspection.
- From the pull-down menu, optionally select a preconfigured Selective Decryption List.
This preconfigured Selective Decryption List contains content categories and domains to be exempted from HTTPS inspection for the ruleset.
###File Type Control Outcomes Through Rule Actions
File Type Control configuration at the ruleset level can only be overridden with the rule action, Allow (with security overridden).
- Allow (with security applied)—Any file types matching the parent ruleset’s File Type Control configuration will be blocked.
- Allow (with security overridden)—The parent ruleset’s File Type Control configuration will be ignored. For more information, see Override Security.
- Warn—When the end-user clicks through the warning page to proceed, any file types matching the parent ruleset’s File Type Control configuration will be blocked.
- Block—The transaction is stopped and the parent ruleset’s File Type Control configuration is irrelevant.
- Isolate—If the end-user chooses to download a file from the isolated remote browser’s document viewer, any file types matching the parent ruleset’s File Type Control configuration will be blocked.
Blocking some file types may cause a website not to display correctly.
Manage File Type Control < Enable File Type Control > File Types to Block
Updated about 1 year ago