Home  ›  How to Block Uploads From an Application

How to Block Uploads From an Application

Written By Thursday, April 14, 2022 Add Comment Edit

How can I block FTP / HTTP file downloads and upload using Application Control Avant-garde?

12/twenty/2019 60 People found this article helpful 89,991 Views

Description

The application signature databases that were previously included with SonicWall Intrusion Prevention Service (IPS) are now role of the Awarding Command feature. These signature databases are used to protect users from awarding vulnerabilities as well equally worms, Trojans, peer-to-peer transfers, spyware and backdoor exploits. The extensible signature language used in SonicWall's deep packet inspection engine as well provides proactive defense force against newly discovered application and protocol vulnerabilities.

The configuration method on the Firewall | App Control Advanced page (In Gen5 TZ Series it's on the Security Services | App Control Advanced page) allows granular control of specific categories, applications, or signatures. This includes granular logging control, granular inclusion and exclusion of users, groups, or IP address ranges, and schedule configuration. The settings here are global policies and independent from any custom App Rules policy.

This article describes the method to block downloads of file-types like Executables, Archives, Documents, Database files, Images, Stream using HTTP or FTP. The file-type signatures are grouped under the categories FILE-TYPES-HTTP (Category ID 72) and FILE-TYPES-FTP (Category ID 73). The principal purpose of these signatures is to provide Truthful-File Blazon detection based on a file's contents rather than relying on the provided file extension or MIME type.This solution would exist applicable to webmail downloads if using FILE-TYPES-HTTP.

Image

Resolution

  • Login to the SonicWall management GUI.
  • Navigate to the Firewall | App Control Advanced folio.
  • Bank check the box under Enable App Control and clickTake at the top of the page.
  • Under View Style: Category, select FILE-TYPES-HTTP or select FILE-TYPES-FTP.
  • Under Awarding, select the file-type that y'all desire to block. The following file-types are available.
  • ArchiveDatabase File
  • Certificate
  • Executable
  • Image
  • Stream

You can block using the following methods:

  • Block the awarding category FILE-TYPES-HTTP or FILE-TYPES-FTP.
  • Cake individual file-types (eg. executables, archives, documents etc).
  • Block individual signatures (eg. exe, pdf etc).

The ensuing sections illustrate each of the above methods.

Cake the application category FILE-TYPES-HTTP or FILE-TYPES-FTP

  • Under View Manner: Category, select FILE-TYPES-HTTP or select FILE-TYPES-FTP.
  • Click Configure button to bring upward the Edit App Control Category window.
  • Select Enable under Block.
  • Select Enable under Log.
  • ClickOK .
    Image

Cake individual file-types (eg. executables, athenaeum, documents etc)

  • Under View Manner: Category, select FILE-TYPES-HTTP or select FILE-TYPES-FTP.
  • Nether Application select the file-blazon you lot wish to cake (Executable in this example) .
  • Click  Configure push button to bring up the Edit App Control App window.
  • Select Enable under Block.
  • Select Enable under Log.
  • ClickOK .

Select other file-types to block multiple file-types.
Image

Cake private signatures (eg. exe, pdf etc)

  • Under View Style: Category, select FILE-TYPES-HTTP or select FILE-TYPES-FTP.
  • Under Application select the file-type you wish to block (Executable in this example) .
  • Under Viewed Past, select Signature to listing all the signatures under the file-type selected.
  • Click Configure button on whatever of the signatures listed to bring up the Edit App Control Signature window (  PE/COFF four (HTTP Download) in this Example).
  • Select Enable under Block.
  • Select Enable nether Log.
  • ClickOK.

Select other signatures to block multiple signatures.

Image

Log Letters

When hosts behind the SonicWall try to download a file marked for blocking, they volition go blocked and the following letters volition be logged:

Image

Note: This noesis base article is applicative for HTTP/FTP file uploads as well.

Related Articles

  • Best practices for administrator managing SonicWall Firewall Appliances
  • How to configure failover when at that place are two or more than WAN Interfaces?
  • How can I put the SonicWall into safety mode?

Categories

  • Firewalls > NSa Serial > Application Firewall
  • Firewalls > NSv Series > Application Firewall
  • Firewalls > TZ Serial > Application Firewall

Was This Commodity Helpful?

YesNO

Article Helpful Form

Article Not Helpful Class

fragaimes1959.blogspot.com

Source: https://www.sonicwall.com/support/knowledge-base/how-can-i-block-ftp-http-file-downloads-and-upload-using-application-control-advanced/170505852676491/

0 Response to "How to Block Uploads From an Application"

Post a Comment

Subscribe to: Post Comments (Atom)

Iklan Atas Artikel

Iklan Tengah Artikel 1

Iklan Tengah Artikel 2

Iklan Bawah Artikel