Ability to block file types from websites

Unanswered Question
Apr 2nd, 2009
User Badges:

Hi All,

Seeming the knowledge base wasnt much help and I cant get through to support.

I was hoping someone here could help.

I am trying to create a policy which will block downloads only for webmail sites. I do not want any users able to download any attachments from webmail sites.

Any help would be appreciated.

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.

Off the top of my head, (can't test atm)

Could you create a new access policy, and in the "Policy Member Definition" set it to be defined on a user category of "Web-based E-mail". (advanced section)

So this Access Group would only be valid if someone access those sites. then
Submit that and then set Object Blocking rules on that access policy to block file types.

Might be an easier way though

jowolfer Thu, 04/02/2009 - 15:31
User Badges:

Peteri,

I don't believe that this can be done effectively and properly. Each webmail server may have there own way of delivering the "attachment".

You may be able to set an access policy to only trigger on webmail and also to block all file types (other then html, so forth). This would probably work in alot of cases.

Note that if they are using HTTPS, you'll need to have HTTPS decryption enabled on the WSA.

jowolfer Thu, 04/02/2009 - 15:32
User Badges:

Also,

I'm concerned that you couldn't get ahold of anyone in support. How did you contact support?

Do you have an open ticket already?

peteri_ironport Thu, 04/02/2009 - 22:59
User Badges:

Hi Josh,

Thanks for the reply.

Couldnt get hold of support as my S160 gives this error message

The Critical message is:

Internal SMTP giving up on message to [email protected] with subject 'IronPort S160 Support Request for ironport.domain.com.au [Ability to\n\tblock filer type downloads]': Unrecoverable error.

Product: IronPort S160 Web Security Appliance
Model: S160
Version: 5.6.0-623
Serial Number: ##
Timestamp: 02 Apr 2009 16:56:55 +1100

obviously I have removed my real domain name and serial number.

Obviously email works as the unit itself was able to email me the error and I have checked the settings are correct.

Can someone provide a link in the KB for how to setup a poicy to block all downloads from a web site.

Thanks

jowolfer Fri, 04/03/2009 - 15:35
User Badges:

Peteri,

The support request that you are sending is a fairly large file. It's possible that the mail server is blocking it. The "system logs" should hold some more data regarding this.

My recommendation is to call support so we can talk you through the process and answer any questions you have in real time.

The short answer is that you'll need to create a custom category that matches the specific site, create a new policy that matches only on this custom category, and then set the 'Object' policy to block the file types you wish to block.

Actions

This Discussion