Block browser-based file transfers
Create an application filter policy to block browser-based file transfers for:
- All users
- Specific users and groups
Create an application filter policy
- Go to Applications > Application filter.
- Click Add.
-
Configure the following settings:
Setting Value Name Block_File_Transfer
Template Allow All -
Click Save.
Add rules to the policy
- Go to Applications > Application filter.
- Select the created policy.
- Click Add.
-
Configure the filter as follows:
Setting Value Category File Transfer Characteristics Transfer files Technology Browser Based -
Select Select all.
- Select Allow for Action.
- Click Save to save the application filter policy rule.
- Click Save to save the application filter policy.
Apply the application filter policy to a firewall rule
You can apply the application filter policy to an existing firewall rule or create a new one according to your organization's needs. See Add a firewall rule.
Apply to all users
This example applies the application filter policy to all users in the network.
- Go to Rules and policies > Firewall rules.
- Click Add firewall rule, then click New firewall rule.
-
Configure the following settings:
Setting Value Rule name LAN-WAN
Action Accept Log firewall traffic Selected Rule position Top Rule group None Source zones LAN Source networks and devices Any During scheduled time All the time Destination zones WAN Destination networks Any Services Any Identify and control applications (App control) Block_File_Transfer
-
Click Create linked NAT rule.
-
Configure the following settings:
Setting Value Rule name LAN-WAN
Rule position Top Translated source (SNAT) MASQ -
Click Save to save the NAT rule.
- Click Save to save the firewall rule.
Apply to specific users and groups
This example applies the application filter policy to specific users and groups in the network.
- Go to Rules and policies > Firewall rules.
- Click Add firewall rule, then click New firewall rule.
-
Configure the following settings:
Setting Value Rule name LAN-WAN
Action Accept Log firewall traffic Selected Rule position Top Rule group None Source zones LAN Source networks and devices Any During scheduled time All the time Destination zones WAN Destination networks Any Services Any Match known users Selected User or groups Open Group
See Add a user locally and Add a group.
Identify and control applications (App control) Block_File_Transfer
-
Click Create linked NAT rule.
-
Configure the following settings:
Setting Value Rule name LAN-WAN
Rule position Top Translated source (SNAT) MASQ -
Click Save to save the NAT rule.
- Click Save to save the firewall rule.
More resources