Advanced file analysis

Advanced file analysis is a cloud-hosted or on-premises sandbox for deep content inspection of types of files that are common threat vectors (for example, document, executable, data, or archive files). Use the advanced file analysis filter to configure file type analysis for your network.

The cloud sandbox capability is available only if your subscription includes Forcepoint Advanced Malware Detection for Email - Cloud. For on-premises analysis, you need to deploy a separate Forcepoint Advanced Malware Detection for Email - On-Premises.

Configure the advanced file analysis platform on the page Settings > General > Advanced File Analysis. You may select only one platform for advanced file analysis. See Selecting advanced file analysis platform. When you configure an advanced file analysis filter, the platform selected on the Advanced File Analysis page is reflected on the Add/Edit Filter page. Available filter settings depend on the platform used.

The filter can be used in either monitor or enforce mode, with an option for sending a notification message when the enforce mode is active, when the filter is triggered, and when the attachment is sent to advanced file analysis. You can define conditions that, when met, allow a message to bypass the advanced file analysis filter.