DLP Policy to Block Uploading the file type on Web (HTTP/HTTPS)

From Secure Web Gateway
Share/Save/Bookmark
(Redirected from How to block file uploads or downloads)
Jump to: navigation, search

Overview

Data loss prevention, or DLP, is a set of technologies, products, and techniques that are designed to stop sensitive information from leaving an organization.

Data can end up in the wrong hands whether it’s sent through email or instant messaging, website forms, file transfers, or other means. DLP strategies must include solutions that monitor for, detect, and block the unauthorized flow of information.

SafeSquid DLP protects organizations from information leaks and data loss at the perimeter and inside the organization, as well as in certain Infrastructure as a Service platforms.

SafeSquid DLP restrict to Upload any kind of Content outside the corporate network to prevent data leakage. We shall permit text/plain content type to access all websites. We allow users only to upload Microsoft office document files and PDF files on whitelisted websites. 

You can achieve this simply by allowing the specific file type(s) based on predefined content type(s).

Prerequisite

HTTPS Inspection should be enabled in SafeSquid. If not enabled, you can check our document - How to enable HTTPS Inspection

'Restart SafeSquid service twice from SafeSquid Interface if it is a fresh installation of  SafeSquid Appliance Builder (SAB) after activation of the product.  'LINK

Note: When the activation of SafeSquid Appliance Builder (SAB) is done, Restart SafeSquid Service prompt should appear on SafeSquid UI. After restarting SafeSquid service lib-magic library file still doesn't exist, which you can verify from SafeSquid logs. To obtained the status 'libmagic: ok' you have to Restart SafeSquid Service once again from SafeSquid Interface. LINK

 

Access the SafeSquid User interface

RTENOTITLE

Search Policy : Block Uploads

There are two ways to search any keyword or policy.
Here we are using predefined Profile 'block uploads' created in Access Profiles section. You can check the 'block uploads' profile getting applied in extended logs.

Search Policy : Method 1

You can search the keyword or profile name from Restriction Policies >> Access Profiles. You have to check the each and every Policies and profiles one by one from top to bottom.

DLP 11.PNG

 

Search Policy : Method 2

Click on Search Icon situated on bottom right corner of SafeSquid Interface.


DLP 12.PNG
DLP 13.PNG
'
DLP 14.PNG
'
DLP 15.PNG

DLP 16.PNG
Go to DLP Section Configuration

DLP 17.PNG

Select Global Section of DLP as Enabled with TRUE

DLP 18.PNG

Configure DLP Policy

DLP 19.PNG
If you want to block all files to upload leave this field blank. So in this case you need not to be specify profiles. Choose appropriate action as Do_not_Bypass and save policy.
DLP 20.PNG
DLP 21.PNG

Save Configuration


DLP 22.PNG

You can save the current configuration to either in your local machine or to cloud. Storing configuration to cloud help you to restore your configuration in other instances.
DLP 23.PNG


Note: Creating / Using (predefined) profiles while creation of new policy will be helpful for capturing logs. In future these logs can be helpful to identify general operational details and security concerns.

Example

Generally in corporate sector Users should be restricted to Upload any kind of Content outside the corporate network to prevent data leakage. We shall permit text/plain content type to access all websites. We allow users only to upload Microsoft office document files and PDF files on whitelisted websites. 

In this scenario follow below steps:

Step 1 : Go to Categorization Web-site section from SafeSquid GUI and add all whitelisted websites into whitelist category.

Step 2 : Go to policies and Profiles section and create new policy as below.

Slide3.PNG
 

Step 3 : Create All the three policies under DLP Section from SafeSquid GUI.

Policy 1 :  We restrict uploading of files, irrespective of a content type.

Policy 2 : We shall permit text/plain content type to access all websites.

Policy 3 : We allow users for uploading PDF and Microsoft office document files for Whitlisted Sites

Slide4.PNG