Secure Access now allows users to define private access rules with file inspections and file type controls enabled.

Similar to what is supported for web traffic on the Internet access rules, this feature leverages Cisco AMP and third-party AV to quickly detect and block malware contained file transfers between users and private apps. In addition, users can optionally enable Malware Analytics (ThreatGrid sandboxing) to analyze files that are unknown to the File Inspection services (AMP) and are not blocked by the anti-virus feature. 

This feature also allows users to specify the types of files to be blocked. Secure Access detects the true file type based on not only the file’s file extension but also the content of the file.

User's settings for file inspections and file types to be blocked are managed in the Security Profile (for private access type rules). Users have the flexibility to define rules that apply different Security Profile, in order to achieve differentiated security enforcement based on the sources and destinations involved.

All of the events related to file inspections and file type control for Private Access, can be filtered as part of “Firewall” event view using “Cisco AMP Disposition is Malicious” and “Antivirus Disposition is Malicious” event type filters. File Status (disposition outcome) and SHA256 hashes for the files sandboxed by Secure Malware Analytics, can be visible in the Event Details drawer of the Activity Search report page.