Hi,

Thank you Jeff but this is enable and not see it.

 Attached picture.

Regards

PD: there is another way to block the downloading of exe files?

I have FortiGate-100D v5.4.0,build1011, it is works for me.

You may try set up from CLI: config  firewall  explicit-proxy-policy /edit xx/set utm enable/set dlp-sensor default/end

If CLI does not have DLP, may be other cause. Thanks.

Thank you,

I do not have much experience with the CLI, how little work has been fortinet GUI.

I'll try, this config is in my vdom o global config?

From your screen shot, it look you enable VDOM , so enter VDOM and set up "config  firewall  explicit-proxy-policy".

hi, it works !!

What I have seen is another problem, I have blocked all .exe DLP, but it does not work or windows update or mcafee signatures

How could realiar execepciones for everything coming from the URL and mcafee microsoft work?

Thank you!!

Block URL you may need set up "webfilter " , thanks.

The problems is .exe download windows update and DLP sensor is block this file.

To create an exception and not block me .exe Windows Update, created a web filter exemp of *windowsupdate* wildcart?

It is correct?

So you want block *.exe file but permit "mcafee microsoft update"  ?

You may create more policy to permit "mcafee microsoft update" , then fail down to bottom policy to block "*.exe " file. Thanks.