Defining Policies by File Type
Policies have default settings that you can customize to meet your organization's requirements.
To define a policy by file type, from the navigation pane on the left, click Settings > Policies.
For more information about the policies page, see Policies Dashboard.
When defining a policy by file type, you can perform the following actions:
n | Block the file under all conditions. If selected: |
t | You can edit the default block notification message text, Block Reason. |
t | Additional options may be available for you to set. |
t | The Default Action displays a red dot. |
n | Sanitize the file. If selected: |
t | You can modify the default behavior by customizing the option settings available. |
t | If available, you can edit the default block notification message text, Block Reason. |
t | The Default Action displays a green dot. |
n | Allow the file. The Default Action displays a grey dot. |
n | Add one or more exceptions to the policy. The Exceptions displays the number of exceptions applied to the policy. For more information, see Adding Policy Exceptions. |
The following table describes the processing options that are available for each file type:
File Type |
Processing Options |
||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
By default, these files are processed for positive selection.
When this option is checked, for every file that the Positive Selection® Engine blocks, it issues a block-file containing the reason it was blocked. Accept the default block reason, or edit it. When selected you can edit the Block Reason message. Default is unchecked.
|
|||||||||||||||||||||||||||||||
Image |
By default, these files are processed for positive selection.
Note Increasing the noise level might enlarge the processed files, particularly in the case of png files. Unselecting noise level (off) usually preserves an image file size.
|
||||||||||||||||||||||||||||||
The processing option is not relevant to managing binary files. You either block binary files or allow them. |
|||||||||||||||||||||||||||||||
Archive |
By default, these files are processed for positive selection. Block zip bomb: Detects and blocks zip files with abnormal compression ratio. These might pose a denial of service threat, consuming system resources such as CPU or disk. Any zip files with compression ratio higher than 99.8% will be considered a zip bomb and be blocked. When selected you can edit the Block Reason message. Default is checked. |
||||||||||||||||||||||||||||||
CAD | Remove VBA Macros: Removes VBA macros from the file. Default is unchecked. | ||||||||||||||||||||||||||||||
RTF |
By default, these files are processed. There are no specific processing options. |
||||||||||||||||||||||||||||||
By default, these files are processed for positive selection.
|
|||||||||||||||||||||||||||||||
Microsoft Office Note nPositive selection processing applies to Microsoft Office files and their embedded objects. nEach attached file is processed recursively by running all policy rules on it. |
By default, these files are processed for positive selection.
Note This option is available for DOC/DOCX/XLSX file types only.
In the list, choose one of the following:
Note Excel files with 4.0 macro (also known as sheet macro) are automatically blocked. It is common practice to use VBA macros. Excel files with VBA macros are checked for suspicious code (see options above).
|
||||||||||||||||||||||||||||||
Text |
Note XML and JSON files are processed according to the Text files policy. By default, these files are processed for positive selection. If any suspicious activity is detected, the file is blocked. If no suspicious activity is detected, the text file is preserved (the file hash will remain the same). Block CSV with threat formula: Blocks CSV files that contain formula injections.When selected you can edit the Block Reason message. Default is checked. |
||||||||||||||||||||||||||||||
Media |
The user can set Media file policy exceptions.
|
||||||||||||||||||||||||||||||
Open Document | The user can set Open Document file policy exceptions. By default, these files are sanitized. During the sanitization, the macros will not be preserved. | ||||||||||||||||||||||||||||||
Other files |
By default, these files are blocked. You can edit the Block Reason message. There are no specific sanitization processing options. |
Comments
0 comments
Please sign in to leave a comment.