Block executable downloads with Web Security Services portal
search cancel

Block executable downloads with Web Security Services portal

book

Article ID: 168453

calendar_today

Updated On:

Products

Cloud Secure Web Gateway - Cloud SWG

Issue/Introduction

You want to block users from downloading executable files from any browser using Cloud SWG (WSS) portal.

Resolution

Block users from downloading executable files using a Threat Protection Rule

  1. Go to the WSS portal and select Policy > Threat Protection
  2. Locate the existing rule that you want to edit or create a new rule.
  3. The Content and Limits section in page is where you add restrictions for File Type.
    1. For a new rule, click "+ Content and Limits" and select the content filter you want to apply
    2. For an existing rule, click "Add / Edit" to modify the existing Content and Limits
  4. Click Save to save the Content and Limits condition
  5. Click "Add Rule" or "Save Rule".
  6. Click Activate to enable the rule.

NOTE: If the URL to download the file is over HTTPS, you need "SSL Interception" enabled in order for Web Security Services (WSS) to block downloads.

[Image 1] "New Rule: Threat Protection Group B" dialog

Additional Information

Important note: File based policies are intended to be put in the Threat Protection layer rather than the Content Filtering / Acceptable Use layer.

Specifically advanced verdicts available in the Content Filtering rules ("Allow with Coach" and "Block with Password Override") are designed to be applied to web-pages so that the coaching or password override page can be returned and displayed to the user.

Powered by Wolken Software