07-24-2024 12:43 PM
I'm confused as to where to place this rule. From my understanding, there should be an allow rule with the File Policy configured to use the associated Malware & File policy. However, the rest of the configuration of that rule is set to allow any any.
There are other allow and block rules in the policy with the policy default action set to block all traffic. The last rule in the ACP is to allow all traffic outbound and inspect.
With that in mind, where should the file inspection policy be placed?
Solved! Go to Solution.
07-24-2024 01:05 PM
File/malware policy is applied to a regular access control rule .
The most important would be for inbound to oubound rules like users browsing to a website and downloading files etc which can be inspected for malware..
But keep in mind that 90% or above is encrypted, so unless you are doing ssl decryption, the malware inspection will not kick in..
07-24-2024 01:05 PM
File/malware policy is applied to a regular access control rule .
The most important would be for inbound to oubound rules like users browsing to a website and downloading files etc which can be inspected for malware..
But keep in mind that 90% or above is encrypted, so unless you are doing ssl decryption, the malware inspection will not kick in..
07-24-2024 01:18 PM
Gotcha. Thank you!
07-25-2024 04:53 AM
do you want other opinion here ?
MHM
07-25-2024 04:56 AM
Absolutely
07-25-2024 05:13 AM
07-25-2024 05:19 AM
Thank you, that's very helpful! I located that PDF and will review it.
07-25-2024 05:23 AM
you are so welcome
MHM
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide