SonicOS/X 7 Capture ATP

Custom Blocking Behavior

The Custom Blocking Behavior section allows you to select the Block file download until a verdict is returned feature.

The default option is Allow file download while awaiting a verdict. This setting allows a file to be downloaded without delay while the Capture service analyzes the file for malicious elements. You can set email alerts or check the firewall logs to find out if the Capture service analysis determines that the file is malicious.

The Block file download until a verdict is returned feature should only be enabled if the strictest controls are desired. If you select this feature, a warning dialog appears.

When the Block file download until a verdict is returned feature is enabled, the other options become available. You can:

  • Select an address object from Choose an Address Object to exclude from blocking the file download until verdict is reached by the Capture Service. The default is None.
  • Select one or more file types to block from Specify the file types to exclude from blocking the file download until verdict is reached by the Capture Service:
    • Executables (PE, Mach-O, and DMG)
    • PDF
    • Office 97-2003(.doc , .xls ,...)
    • Office(.docx , .xlsx ,...)
    • Archives (.jar, .apk, .rar, .gz, and .zip)

Was This Article Helpful?

Help us to improve our support portal

Techdocs Article Helpful form

Techdocs Article NOT Helpful form

  • Still can't find what you're looking for? Try our knowledge base or ask our community for more help.