DLP Policy to Block Uploading the file type on Web (HTTP/HTTPS)

From Secure Web Gateway
Share/Save/Bookmark
(Redirected from How to block file uploads or downloads)
Jump to: navigation, search

Overview

In an organization, Users should be restricted to Upload any kind of Content outside the corporate network to prevent data leakage. We shall permit text/plain content type to access all websites. We allow users only to upload Microsoft office document files and PDF files on whitelisted websites. 

You can achieve this simply by allowing the specific file type(s) based on predefined content type(s).

Prerequisite

HTTPS Inspection should be enabled in SafeSquid. If not enabled, you can check our document - How to enable HTTPS Inspection

'Restart SafeSquid service twice from SafeSquid Interface if it is a fresh installation of  SafeSquid Appliance Builder (SAB) after activation of the product.  'LINK

Note: When the activation of SafeSquid Appliance Builder (SAB) is done, Restart SafeSquid Service prompt should appear on SafeSquid UI. After restarting SafeSquid service lib-magic library file still doesn't exist, which you can verify from SafeSquid logs. To obtained the status 'libmagic: ok' you have to Restart SafeSquid Service once again from SafeSquid Interface. LINK

Access the SafeSquid User interface

RTENOTITLE

Search Policy : Block Uploads

There are two ways to search any keyword or policy.
Here we are using predefined Profile 'block uploads' created in Access Profiles section. You can check the 'block uploads' profile getting applied in extended logs.

 

Search Policy : Method 1

You can search the keyword or profile name from Restriction Policies >> Access Profiles. You have to check the each and every Policies and profiles one by one from top to bottom.

DLP 11.PNG

Search Policy : Method 2

Click on Search Icon situated on bottom left corner of SafeSquid Interface. 


DLP 12.PNG
DLP 13.PNG
DLP 14.PNG
DLP 15.PNG

DLP 16.PNG
Go to DLP Section Configuration

DLP 17.PNG

Select Global Section of DLP as Enabled with TRUE

DLP 18.PNG

Configure DLP Policy

DLP 19.PNG
If you want to block all files to upload leave this field blank. So in this case you need not to be specify profiles. Choose appropriate action as Do_not_Bypass and save policy.

DLP 20.PNG
DLP 21.PNG

Save Configuration


DLP 22.PNG
You can save the current configuration to either in your local machine or to cloud. Storing configuration to cloud help you to restore your configuration in other instances.
DLP 23.PNG


Note: Creating / Using (predefined) profiles while creation of new policy will be helpful for capturing logs. In future these logs can be helpful to identify general operational details and security concerns.

Example

Generally in corporate sector Users should be restricted to Upload any kind of Content outside the corporate network to prevent data leakage. We shall permit text/plain content type to access all websites. We allow users only to upload Microsoft office document files and PDF files on whitelisted websites. 

In this scenario follow below steps:

Step 1 : Go to Categorization Web-site section from SafeSquid GUI and add all whitelisted websites into whitelist category.

Step 2 : Go to policies and Profiles section and create new policy as below.

Slide3.PNG
  

Step 3 : Create All the three policies under DLP section from SafeSquid GUI.

Policy 1 :  We restrict uploading of files, irrespective of a content type.

Policy 2 : We shall permit text/plain content type to access all websites.

Policy 3 : We allow users for uploading PDF and Microsoft office document files for Whitlisted Sites

Slide4.PNG
  
Retrieved from "http://docs.safesquid.com//index.php?title=DLP_Policy_to_Block_Uploading_the_file_type_on_Web_(HTTP/HTTPS)&oldid=6626"