| PDF |
By default, these files are processed for positive selection.
|
n |
Remove multimedia: Specifies whether multimedia such as embedded video, audio, 3D annotations, and rich media annotations must be removed. Default is checked. |
|
n |
Remove metadata: Specifies whether metadata must be removed. Metadata includes information about the document, such as author, keywords, copyright information, etc. Default is unchecked. |
|
n |
Clean embedded fonts: Specifies whether embedded fonts must be processed. Default is checked. Cleaning embedded fonts can: |
|
t |
Remove unused characters – Only keeps the characters actually used in the document (called subset fonts). |
|
t |
Deduplicate fonts – If the same font is embedded more than once, it consolidates them. |
|
t |
Fix font metadata or corruption – Some tools repair malformed font data. (Fonts can technically be exploited to carry malicious code (in very rare and advanced attack scenarios)). |
|
t |
Reduce file size – All of the above help shrink the PDF file size. |
|
n |
Block files with suspicious links: Performs a check of all links in the form HTTP:// and HTTPS:// in a PDF document. If any link is found to be suspicious, the file is blocked. The suspicious link is not removed from the file. |
When this option is checked, for every file that the Positive Selection® Engine blocks, it issues a block-file containing the reason it was blocked. Accept the default block reason, or edit it. When selected you can edit the Block Reason message. Default is unchecked.
|
n |
JavaScript handling: Determines how JavaScript, if found in the PDF file, is handled. |
|
t |
Remove only suspicious scripts |
|
t |
Remove all scripts (this is the default) |
|
n |
QR Code handling: Selects the action to perform on a QR code. |
|
t |
Ignore - the QR Code is ignored. The file is passed on as-is. This is the default. |
|
t |
Detect QR Codes - detect if there is a QR Code in the file |
|
t |
Disarm QR Codes - the original QR code is rewritten with the Votiro QR Code. |
|
t |
Block QR Codes - Votiro blocks the QR Code |
Note: Sanitization will remove empty file attachments.
|
Image |
By default, these files are processed for positive selection.
|
n |
Add micro-changes: Adds security noise to images during processing. Default is checked. |
Note
Increasing the noise level might enlarge the processed files, particularly in the case of png files. Unselecting noise level (off) usually preserves an image file size.
|
n |
Remove metadata: Removes EXIF metadata from JPEG, JPG and TIFF images. Default is unchecked. |
|
n |
Remove external image: Removes references to external image files in SVG image files. Default is unchecked. |
|
n |
Remove external references: Remove external references from SVG files to eliminate hidden vulnerabilities and ensure secure file handling. |
|
n |
Max compression for lossless formats: Compresses lossless image formats (PNG, BMP, and RAW) by 100%. Default is checked. |
|
n |
Compression level: The processed image is compressed to preserve a reasonable image file size. You select one of four compression levels (from low to high) that trade off file size with image quality. The lower the compression level, the larger the file, and the higher the image quality. The higher the compression level, the smaller the file, and the lower the image quality. Default is 25% compression. |
|
Binary |
The processing option is not relevant to managing binary files. You either block binary files or allow them. |
Archive |
By default, these files are processed for positive selection.
Block zip bomb: Detects and blocks zip files with abnormal compression ratio. These might pose a denial of service threat, consuming system resources such as CPU or disk. Any zip files with compression ratio higher than 99.8% will be considered a zip bomb and be blocked. When selected you can edit the Block Reason message. Default is checked.
System locale: Select your preferred system locale. This enables you to sanitize archive files with ANSI encoding according to the selected System locale.
The available options are:
|
n |
fr_FR - French (France) |
|
n |
de_DE - German (Germany) |
|
n |
he_IL - Hebrew (Israel) |
|
n |
ja_JP - Japanese (Japan) |
|
n |
th_TH - Thai (Thailand) |
The default System locale is en_US.
|
| CAD |
Remove VBA Macros: Removes VBA macros from the file. Default is unchecked. |
RTF |
By default, these files are processed. There are no specific processing options. |
| HTML Attachments |
There is an additional option: Remove scripts. This is the default action. If this option is selected, every script will be removed from the HTML Attachment file. |
Email |
By default, these files are processed for positive selection.
|
n |
Remove suspicious links in Email body: The system will scan each URL in the email body, and if a suspicious link was found, the link will be removed and will be replaced with the following text: “This link was removed because it is a malicious URL”. |
|
n |
Include URL to Password-protected portal: Includes a link to the Password-protected portal (see Password Protected Portal). |
|
n |
Add sanitization indication in Email body: Adds an indication of the sanitization status in the body of the Email. |
|
n |
QR Code handling: Selects the action to perform on a QR code. |
|
t |
Ignore - the QR Code is ignored. The email is passed on as-is. This is the default. |
|
t |
Detect QR Codes - detect if there is a QR Code in the file |
|
t |
Disarm QR Codes - the original QR code is rewritten with the Votiro QR Code. |
|
t |
Block QR Codes - Votiro blocks the QR Code |
|
|
Microsoft Office
Note
nPositive selection processing applies to Microsoft Office files and their embedded objects.
nEach attached file is processed recursively by running all policy rules on it.
|
By default, these files are processed for positive selection.
|
n |
Block files with suspicious links: Performs a check of all links in the form HTTP:// and HTTPS:// in Microsoft Word files. If any link is found to be suspicious, it is removed from the file. When selected you can edit the Block Reason message. Default is unchecked. |
Note
This option is available for DOC/DOCX/XLSX file types only.
In the list, choose one of the following:
|
t |
Remove only suspicious macros: Remove all macros only if any suspicious code is found.
|
|
t |
Remove all macros: Remove all macros from the document.
This is the default option. |
|
t |
Block documents containing suspicious macros: Block the entire document if suspicious code is found in the macro. |
Note
Excel files with 4.0 macro (also known as sheet macro) are automatically blocked. It is common practice to use VBA macros. Excel files with VBA macros are checked for suspicious code (see options above).
|
n |
Remove metadata: Removes metadata, such as Author, Company, LastSavedBy, and so on. Default is unchecked. |
|
n |
Remove printer settings: Removes the printerSettings1.bin (printer settings) embedded in a .xlsx file. Default is checked. |
|
n |
Remove external links: Removes links that can point to locations external to the office files. If unchecked (default), suspicious elements are not detected. |
|
n |
Block files with Dynamic Data Exchange (DDE): Blocks all files with DDE. Default is unchecked. |
|
Text |
Note
XML and JSON files are processed according to the Text files policy.
By default, these files are processed for positive selection. If any suspicious activity is detected, the file is blocked. If no suspicious activity is detected, the text file is preserved (the file hash will remain the same).
Block CSV with threat formula: Blocks CSV files that contain formula injections.When selected you can edit the Block Reason message. Default is checked.
|
| Media |
The user can set Media file policy exceptions.
|
n |
Remove metadata: Removes metadata from media files. Default is unchecked. |
|
| Open Document |
The user can set Open Document file policy exceptions. By default, these files are sanitized. During the sanitization, the macros will not be preserved. |
Other files |
By default, these files are blocked. You can edit the Block Reason message.
There are no specific sanitization processing options.
|
Comments
0 comments
Please sign in to leave a comment.