Enable File Type Controls
Cisco Secure Access provides file type controls in security profiles, in order to control access to certain types of files. Once File Type Blocking is enabled, if a user device attempts to download a selected file type, Secure Access presents a Block page instead of the requested resource.
Secure Access checks a file based on its file extension and detects whether the extension has been changed. For example, if a .gif file extension is changed to .xyz, Secure Access can detect that the file is a .gif.
Blocking some file types may cause a website not to display correctly.
Table of Contents
Prerequisites
- Full Admin user role. For more information, see Manage Accounts.
- In a security profile for internet access: You must enable decryption in the same security profile.
- In private access rules, rule destinations must be configured as private resources that have decryption enabled.
Procedure
- Navigate to Secure > Security Profiles,
- Add a security profile or expand an existing security profile.
- For Security and Acceptable Use Controls > File Type Blocking, click Edit.
- Check the categories of the file types to choose all file types in the group, or expand a file type category to choose specific file types. For more information about available file types, see File Types to Block.
Note: When an entire file type group is selected, all future file types added to that group are also blocked.
- Click Save.
Use this security profile in an access rule to apply it to traffic.
Manage File Type Control < Enable File Type Control > File Types to Block
Updated 3 months ago