Skip to content

Block browser-based file transfers

Create an application filter policy to block browser-based file transfers for:

  • All users
  • Specific users and groups

Create an application filter policy

  1. Go to Applications > Application filter.
  2. Click Add.
  3. Configure the following settings:

    Setting Value
    Name Block_File_Transfer
    Template Allow All
  4. Click Save.

Add rules to the policy

  1. Go to Applications > Application filter.
  2. Select the created policy.
  3. Click Add.
  4. Configure the filter as follows:

    Setting Value
    Category File Transfer
    Characteristics Transfer files
    Technology Browser Based
  5. Select Select all.

  6. Select Allow for Action.
  7. Click Save to save the application filter policy rule.
  8. Click Save to save the application filter policy.

Apply the application filter policy to a firewall rule

You can apply the application filter policy to an existing firewall rule or create a new one according to your organization's needs. See Add a firewall rule.

Apply to all users

This example applies the application filter policy to all users in the network.

  1. Go to Rules and policies > Firewall rules.
  2. Click Add firewall rule, then click New firewall rule.
  3. Configure the following settings:

    Setting Value
    Rule name LAN-WAN
    Action Accept
    Log firewall traffic Selected
    Rule position Top
    Rule group None
    Source zones LAN
    Source networks and devices Any
    During scheduled time All the time
    Destination zones WAN
    Destination networks Any
    Services Any
    Identify and control applications (App control) Block_File_Transfer
  4. Click Create linked NAT rule.

  5. Configure the following settings:

    Setting Value
    Rule name LAN-WAN
    Rule position Top
    Translated source (SNAT) MASQ
  6. Click Save to save the NAT rule.

  7. Click Save to save the firewall rule.

Apply to specific users and groups

This example applies the application filter policy to specific users and groups in the network.

  1. Go to Rules and policies > Firewall rules.
  2. Click Add firewall rule, then click New firewall rule.
  3. Configure the following settings:

    Setting Value
    Rule name LAN-WAN
    Action Accept
    Log firewall traffic Selected
    Rule position Top
    Rule group None
    Source zones LAN
    Source networks and devices Any
    During scheduled time All the time
    Destination zones WAN
    Destination networks Any
    Services Any
    Match known users Selected
    User or groups Open Group

    See Add a user locally and Add a group.

    Identify and control applications (App control) Block_File_Transfer
  4. Click Create linked NAT rule.

  5. Configure the following settings:

    Setting Value
    Rule name LAN-WAN
    Rule position Top
    Translated source (SNAT) MASQ
  6. Click Save to save the NAT rule.

  7. Click Save to save the firewall rule.

More resources