Blocking by file type
Note that this option is available for Forcepoint Web Security Cloud only.
Steps
- On the File Blocking tab, click the file type that you want to configure for blocking.
- On the File Block Details page, set the file blocking Rule State to Enabled.
-
To configure blocking by file size:
- Under Blocking Options, select Block all files over... KB.
- Define whether you want to block all files of this type over a particular size that you enter, or block files over a particular size for this type but only in specific categories. You also have the option to block files in specific categories without regard to size.
-
To block files in specific categories:
- Select Category specific blocking.
- Optionally, to block files by size, select Block files in certain categories over... KB, then fill in the size in kilobytes.
Only files of the selected type that are over this size will be blocked in the categories you choose.
- By default, the selected file type is blocked for all categories. To change this, use the category and action lists.
You can select a category directly from the list, or enter text in the search box to locate the category you want. Click on the plus sign to the left of each category to view subcategories to which you can also apply blocking actions. If the parent and subcategory actions differ, an asterisk appears next to the parent category.
To select multiple categories, use the Shift and/or Ctrl keys. You can also use the drop-down menu above the category list to select all Web 2.0 categories or privacy categories, or to select or deselect all categories.
- Optionally, enter or select the users and groups to whom the file blocking applies. You can also specify that the file blocking applies to all users and groups in the policy except the group you select.
- Select the block page that will be displayed when this file type is detected and blocked. Block pages are not displayed for image files; instead images are replaced by a 1x1 pixel transparent image.
-
Click Save.
Important: Archived/compressed files are inspected for malware but are not extracted to determine if the contents contain a file that should be blocked based on file type. Archived and compressed files can be blocked, if needed, and access to all files contained in those archived files is blocked.