Enable File Inspection

To inspect files for threats, enable the file inspection features in a web profile, then assign the web profile to an internet access rule.

File Inspection uses multiple features to evaluate for malicious files. For details, see Manage File Inspection and Analysis.

Once inspections are complete, a file is either delivered to the end user or the connection is terminated and the user is shown a block page.

Once you have enabled File Inspection, to monitor and review Umbrella's inspection activities, use the Security Activity and Activity Search reports.

Table of Contents



  1. Navigate to Secure > Profiles > Web Profiles.
  2. Click +Add or expand an existing web profile.
  3. In the Security and Acceptable Use Controls section, for File Inspection, click Edit.
  4. Enable File Inspection if it is not already enabled:
  1. Click Save.
  2. If you will enable file analysis using Cisco Secure Malware Analytics, see important information and follow the procedure in Enable File Analysis by Cisco Secure Malware Analytics.
  3. In the same Web profile, ensure that Decryption is enabled.
  1. Choose a Web profile that has file inspection enabled when you configure internet access rules.

Manage File Inspection < Enable File Inspection > Enable File Analysis by Cisco Secure Malware Analytics