In order to take advantage of Capture Advanced Threat Protection (CATP or Capture ATP), create Capture ATP security policies as described below and select the categories of files you want to block. Once you have created a policy, apply it to an SSID group as explained in Applying a Security Policy to an SSID Group.
To create a Capture ATP security policy
Navigate to Security > Security Policies.
Click Add + to add a new security policy. The Add New Security Policy page displays.
Enter the name of the policy.
From the Policy Type list, select CATP Security Policy.
Click Next. The Details page displays. The name of the policy you created is filled in the top field.
Click Enable to enable the Capture ATP policy you have selected. Unselect it to disable the policy.
Click the Block Until Verdict to enable to decide whether questionable files should be allowed to pass.
If you are not concerned about their safety, you can allow them. If you do not want to take the chance of their being dangerous, select Block Until Verdict.
Optionally, you can set a Maximum File Size. The default maximum size is 5210 bytes. For SonicWave 231c/224w/231o models, the maximum size will reduce to 5120KB due to limited memory."
You can set the acceptable files types by checking any of the File Types boxes.
Select the protocol(s) which you want to use.
Click OK to save your selections.
The policy is now listed on the Security > Security Policies page.