Enable File Type Controls
Cisco Secure Access provides file type controls in security profiles, in order to control access to certain types of files. IfFile Type Blocking is enabled, if a user device attempts to download a selected file type from an internet destination, Secure Access presents a Block page instead of the requested resource.
Secure Access checks a file based on its file extension and detects whether the extension has been changed. For example, if a .gif file extension is changed to .xyz, Secure Access can detect that the file is a .gif.
Blocking some file types may cause a website not to display correctly.
Table of Contents
Prerequisites
- Full Admin user role. For more information, see Manage Accounts.
- In a security profile for internet access: You must enable decryption in the same security profile.
- In private access rules, rule destinations must be configured as private resources that have decryption enabled.
Procedure
- Navigate to Secure > Security Profiles,
- Add a security profile or expand an existing security profile.
- For Security and Acceptable Use Controls > File Type Blocking, click Edit.
- Check the categories of the file types to choose all file types in the group, or expand a file type category to choose specific file types. For more information about available file types, see File Types to Block.
Note: When an entire file type group is selected, all future file types added to that group are also blocked.
- Click Save.
Use this security profile in an access rule to apply it to traffic.
Manage File Type Control < Enable File Type Control > File Types to Block
Updated 14 days ago