Guides
ProductDeveloperPartnerPersonal
Guides

Test File Inspection

After setting up Umbrella, we recommend that you check your configured Umbrella Web policy. You can evaluate a Web policy with File Inspection enabled by pointing your browser to one of our test files.

Note: To only evaluate a Web policy, you must disable all Umbrella DNS security categories for your identities.

Prerequisites

  • A device enrolled in an Umbrella policy with File Inspection enabled.

Procedure

  1. Browse to one of the Umbrella EICAR test files.
Test FileDescription
http://proxy.opendnstest.com/download/eicar.comCisco Umbrella clear text test file.
https://ssl-proxy.opendnstest.com/download/eicar.comCisco Umbrella encrypted test file.
http://proxy.opendnstest.com/download/AMP_TEST_FILE.txtCisco AMP clear text test file.
https://ssl-proxy.opendnstest.com/download/AMP_TEST_FILE.txtCisco AMP encrypted test file.
  1. After loading a File Inspection test file, you should see a block page. Diagnostic information includes details about which server the file went through. If you do not see a block page, see Troubleshoot File Inspection.
768

Block Page Diagnostic Information

The Umbrella block page diagnostic information identifies the hostname of the reputation authority. When proxying a domain or URL, Umbrella evaluates the destination in two phases.

  1. Umbrella receives a request and checks the reputation of the domain or URL. If the destination is known to be malicious, Umbrella blocks the request and displays a block page. The block page diagnostic information lists the Server as nginx.
  2. Next, Umbrella checks if a destination matches a security category or is blocked by a rule in the Web policy. If a destination is not blocked, then Umbrella retrieves any requested content from the URL. Umbrella scans the requested files by file inspection (antivirus and AMP). If a file is malware, Umbrella returns a block page. The block page diagnostic information lists the Server as mps.

Enable Threat Grid Malware Analysis < Test File Inspection > Troubleshoot File Inspection