Created on 12-26-2022 07:19 AM. Edited on 12-30-2024 01:22 AM. By Jean-Philippe_P
This article describes how the 'File filter' is used to block files passing through a FortiGate based on file type.
A file filter profile matches on file type (the file's metadata) only, and not on file size or file content.
Example: When a file with the 'exe' extension that is not a real 'exe' file is downloaded, a file filter configured with the file type 'exe' will not detect it as a '.exe' file.
To block files based on size or on content such as SSN numbers, credit card numbers, etc., it is necessary to configure a DLP sensor.
Sometimes, it is necessary to exempt a particular file whose file type is blocked by a File filter.
For example, a specific .exe file should be allowed while all other .exe files are blocked.
However, the File filter exception option is not configurable.
All FortiOS versions.
Solution
A Web filter can be used instead to achieve a file filter exception.
Note: Verify that the destination address is not in the exemption list of the deep inspection profile, so that the traffic is inspected by FortiGate.
On 'Download', the following block page will be shown:
The file has been blocked due to its file type and/or properties
URL: *xxx.com <- The website from which the .exe file will be downloaded (in this example, the wildcard entry '*image-line.com' is necessary).
Type: Wildcard.
Action: Exempt.
Status: Enable.
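A check of how much the wildcard exempt entry above covers, as an added example that is not part of the original article or Fortinet code. It assumes the `*` in a wildcard entry matches any run of characters in the hostname (shell-style globbing); the function names and the sample hostnames are constructed for illustration.

```python
from fnmatch import fnmatchcase

def exempted_hosts(pattern, hostnames):
    """Return the hostnames that a wildcard URL filter entry would match.

    Assumption: '*' matches any run of characters (including none) and the
    comparison is case-insensitive and made against the hostname only.
    """
    p = pattern.lower()
    return [h for h in hostnames if fnmatchcase(h.lower(), p)]

def unintended_matches(pattern, intended_domain, hostnames):
    """Return matched hostnames that are neither the intended domain
    nor one of its subdomains, i.e. hosts exempted by accident."""
    d = intended_domain.lower()
    return [
        h for h in exempted_hosts(pattern, hostnames)
        if h.lower() != d and not h.lower().endswith("." + d)
    ]

# Constructed sample hostnames, e.g. as they might appear in web filter logs.
SAMPLE_HOSTS = [
    "image-line.com",
    "www.image-line.com",
    "support.image-line.com",
    "notimage-line.com",           # different registered domain, same suffix
    "image-line.com.example.net",  # intended name used only as a prefix
    "example.org",
]

if __name__ == "__main__":
    # The entry from the article next to a narrower, dot-anchored wildcard.
    for pattern in ("*image-line.com", "*.image-line.com"):
        print(pattern)
        print("  exempted:  ", exempted_hosts(pattern, SAMPLE_HOSTS))
        print("  unintended:",
              unintended_matches(pattern, "image-line.com", SAMPLE_HOSTS))
```

Under that assumption the dot-anchored pattern no longer covers the bare domain, so whether it fits depends on which hostname actually serves the download.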