How to Block Filetype (PDF,.EXP,GIF,PNG,ActiveX Script) using App Control Advanced.
Description
This article details how to block Filetype (PDF,.EXP,GIF,PNG,ActiveX Script) over HTTP using the Application Control Feature on the SonicWall. This Feature scans traffic for matches based on certain Signatures and allows Administrators to block those Signatures. While this example applies to Filetype (PDF,.EXP,GIF,PNG,ActiveX Script), Application Control can be used to block many other programs with similar configuration as to what is presented here.
Resolution for SonicOS 7.X
This release includes significant user interface changes and many new features that are different from the SonicOS 6.5 and earlier firmware. The below resolution is for customers using SonicOS 7.X firmware.
-using-App-Control-Advanced.-kA1VN0000000Jgz0AE-0EMVN00000EoDYR.gif)
CAUTION: The solution described here is not applicable if the traffic is over HTTPS. In order to be able to block these Filetype (PDF,.EXP,GIF,PNG,ActiveX Script), or any Apps, over HTTPS, Client DPI-SSL is required.
1. Login to the SonicWall Management GUI.
2. Navigate to Policy |Security Services | App Control |Enable App Control and click Accept.
-using-App-Control-Advanced.-kA1VN0000000Jgz0AE-0EMVN00000EoDZ5.png)
3. Navigate to Signatures and in the Application section View: ALL. There all applications can be seen under, Filetype-Detection. Either all Applications can be blocked or One application can be blocked (According to requirement).
-using-App-Control-Advanced.-kA1VN0000000Jgz0AE-0EMVN00000EoDZ2.png)
- If we need to block whole category of Filetype-detection, then viewed By: Application is to be selected.
-using-App-Control-Advanced.-kA1VN0000000Jgz0AE-0EMVN00000EoDZA.png)
3. Go to Signatures and in the Application search Document PDF File. (Here Filetype PDF is to be blocked)
-using-App-Control-Advanced.-kA1VN0000000Jgz0AE-0EMVN00000EoDZ8.png)
4. Select Enable under the Block and Log fields and click OK.
-using-App-Control-Advanced.-kA1VN0000000Jgz0AE-0EMVN00000EoDZ9.png)
Resolution for SonicOS 6.5
This release includes significant user interface changes and many new features that are different from the SonicOS 6.2 and earlier firmware. The below resolution is for customers using SonicOS 6.5 firmware.
ECB]
CAUTION: The solution described here is not applicable if the traffic is over HTTPS. In order to be able to block these Filetype (PDF,.EXP,GIF,PNG,ActiveX Script), or any Apps, over HTTPS, Client DPI-SSL is required.
1. Login to the SonicWall Management GUI.
2. Navigate to Manage | Rules | App Control .
3. Check the box for Enable App Control and click on the Accept button at the bottom of the page.
-using-App-Control-Advanced.-kA1VN0000000Jgz0AE-0EMVN00000EoDZ6.png)
4. Under App Control Advanced | View Style select Category: FILETYPE-Detection, set Viewed By to Application , there all file types can be seen under Application.
5. Click on Configure under Document PDF File. (Here Filetype PDF is to be blocked)
-using-App-Control-Advanced.-kA1VN0000000Jgz0AE-0EMVN00000EoDZ7.png)
6. In the App Control Signature Settings window, select Enable under the Block and Log fields.
7. Click on OK to save.
-using-App-Control-Advanced.-kA1VN0000000Jgz0AE-0EMVN00000EoDYS.png)
Blocking Individual Applications:
Application Control also has signatures for individual Apps. To block these apps individually, select the app name under Application; click on configure; select Enable for Blocking.