Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
aniuk
New Contributor

Block all downloads of executable files

Hi

i would like to realize the following.

 

1. Block all downloads of executable files.

2. Have a whitelist of domains, where downloading is allowed.

 

We used to have this with FortiOS 4, but im not able to realize it with FortiOS 5. 

 

Can someone help me or are there tutorials for this?

 

Thanks Dominik

2 REPLIES 2
Mark_Oakton
Contributor

have you tried a dlp profile with quarantine of all file types in the list?

Infosec Partners
Infosec Partners
aniuk

Hi Mark

 

Thank you for your help. Yes that is what i tried. Such a DLP sensor blocks all downloads perfectly. But i'm not able to make a policy with the exeptions. Exceptions work only with the ip-addresses and not with FQDN. And as we know  ip-addresses change frequently.

Announcements
Check out our Community Chatter Blog! Click here to get involved
Labels
Top Kudoed Authors