ALERT: Some images may not load properly within the Knowledge Base Article. If you see a broken image, please right-click and select 'Open image in a new tab'. We apologize for this inconvenience.

Enforcing Policy on Archives in Web Isolation

book

Article ID: 173147

calendar_today

Updated On:

Products

Web Isolation

Issue/Introduction

When the end user downloads an archive, a Downloads error message is displayed, stating that the file download was blocked by policy. The message text depends on the reason for the blocking. The reason can be one of the following:

  • The archive contains too many files
  • The size of the uncompressed archive file is too large
  • The maximum extraction depth is exceeded

More specific information can be displayed by clicking Details in the message box.

Resolution

Symantec Web Isolation enforces policy on archive files when “Enforce policy on archive files” is enabled in the Download Profile settings.

When this setting is enabled, policy will be enforced according to the settings defined for the archive fields in Download Profile > Advanced Settings. These settings are relevant for “View”, “Allow” and “Scan” actions.

In the Advanced Settings, the following fields relate to archive downloads:

  • scanArchiveInnerFiles – Defines whether files in archives should be scanned.
  • archive.extraction.maxEntries – Defines the maximum number of extracted files. If the number of files contained in the archive exceeds the maximum number defined in this field, the following message is displayed in the end user’s browser:

  • archive.extraction.maxSize – Defines the maximum aggregated size of the extracted files. If the aggregated size of the extracted files contained in the archive exceeds the maximum size defined in this field, the following message is displayed in the end user’s browser:

  • archive.extraction.maxDepth – Defines the recursion level (default is 5). If the recursion level exceeds the defined maximum extraction depth defined in this field, the following message is displayed in the end user’s browser:

Attachments