Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
CAD
Contributor

DlP deny to download Excel file

Hi everyone,

 

I am ruuning firmware 5.2.3,

i am configure DLP to deny .exe, .elf,.....

but it deny me to download .xlsx , please if someone has idea to solve this issue will be appreciate him.

 

 

Thanks

 

 

5 REPLIES 5
craigusza
New Contributor

Hi ActiveNew,

 

Just an idea but do you have it configured to block ZIP files/compressed archives.

Office files post 2007 are actually XML files that are compressed into ZIP archives.

Here is the KB on identifying these archives.

 

http://kb.fortinet.com/kb/documentLink.do?externalID=FD31117

http://msdn.microsoft.com/en-us/library/aa338205.aspx

 

Regards, Craig

CAD

Thanks for reply,

yes , i am Blocked .zip 

 

do you there is no other solution?

 

Thanks

craigusza
New Contributor

Hi,

 

Yes it is possible to create the rules to allows Office Formats but still block regular zip archives.

This has come up before so here are the forum links for you 

https://forum.fortinet.com/tm.aspx?m=94058

https://forum.fortinet.com/tm.aspx?m=135043

 

Hope this helps.

netmin

For remote file downloads (not emails) where users usually cannot change the file extensions, I think a 2-step DLP filter should work:

 

seq #1 - file name pattern: *.xlsx, *.docx, *.pptx, ... - action: none

seq #2 - file type: Archive (zip), Executable (exe), ... - action: block

 

for emails (unless explicitly needed) I would always use a a content check (regex or file type) but not a name pattern, since users can change the file extension - and they _will try it_ with renamed attachments.

CAD

sorry,The file i have tried to download is .zip not .xlsx

 

 

thanks for your help

Labels
Top Kudoed Authors