Umbrella SIG User Guide

The Umbrella User Guide Developer Hub

Welcome to the Umbrella User Guide developer hub. You'll find comprehensive guides and documentation to help you start working with Umbrella User Guide as quickly as possible, as well as support if you get stuck. Let's jump right in!

Get Started    

Enable File Type Control

Suggest Edits

With Umbrella's File Type Control, you can manage the types of files that identities can download. Umbrella checks a file based on its file extension and uses a detection engine to evaluate the file. For example, if a .gif files extension is changed to .xyz, Umbrella will still detect that the file is a .gif.

Note: File Type Control can only be enabled through the Web policy's rulesets.

Table of Contents

Prerequisites

Procedure

  1. Navigate to Policies > Management > Web Policy and click Add or expand an existing ruleset.
  1. Under Ruleset Settings, for File Type Control, click Edit.
  1. Select file types to be blocked and click Save.
  1. Expand a group to choose specific file types. For more information about available file types, see File Types to Block.
    Note: When an entire file type group is selected, all future file types added to that group are also blocked.

Note: You must also enable HTTPS inspection.

  1. For HTTPS Inspection, click Edit and select Enable HTTPS Inspection.
  1. From the pull-down menu, optionally select a preconfigured Selective Decryption List.
    This preconfigured Selective Decryption List contains content categories and domains to be exempted from HTTPS inspection for the ruleset.

File Type Control Outcomes Through Rule Actions

File Type Control configuration at the ruleset level can only be overridden with the rule action, Allow (with security overridden).

  • Allow (with security applied)—Any file types matching the parent ruleset’s File Type Control configuration will be blocked.
  • Allow (with security overridden)—The parent ruleset’s File Type Control configuration will be ignored. For more information, see Override Security.
  • Warn—When the end-user clicks through the warning page to proceed, any file types matching the parent ruleset’s File Type Control configuration will be blocked.
  • Block—The transaction is stopped and the parent ruleset’s File Type Control configuration is irrelevant.
  • Isolate—If the end-user chooses to download a file from the isolated remote browser’s document viewer, any file types matching the parent ruleset’s File Type Control configuration will be blocked.

Blocking some file types may cause a website not to display correctly.

Manage File Type Control < Enable File Type Control > File Types to Block

Updated 9 months ago

Enable File Type Control

Suggested Edits are limited on API Reference Pages

You can only suggest edits to Markdown body content, but not to the API spec.