Host Integrity (HI) is configured to download a file from a specified URL. When the Host Integrity Policy is applied the download of the file fails with error;

"Error: URL not accessible or failed to create destination file."

You have verified that the URL is valid and indeed initiates download of the file. 

ProcMon capture reveals that indeed Host Integrity is failing to 'create destination file', as the error indicates, due to INVALID NAME error.

The URL in question contains one or more of the following characters after the final forward slash;

• < (less than)
• > (greater than)
• : (colon)
• " (double quote)
• / (forward slash)
• \ (backslash)
• | (vertical bar or pipe)
• ? (question mark)
• * (asterisk)

Endpoint Protection on Windows OS.

HI is failing to create a folder where it intends to place the to-be downloaded file with an INVALID NAME error. This condition is due to the fact that HI attempts to use a part of the URL as the folder name, and the part of the URL host integrity is using contains a character that Windows does not allow for folder naming. 

Example URL containing an invalid character after the final forward slash;

• https://examplesiteURL.net/example/downloadfile?download=1
  • In this example, the section highlighted in yellow demonstrates the section HI will use to name the folder for the downloaded file.
  • Also in this example, the character highlighted in red demonstrates an invalid character that will cause the operation to fail.

The condition is due to the constraint from Windows OS, and thus Host Integrity will be limited in it's ability to download a file when a not-allowed character is present in the URL. 

The only solution/workaround is to change or use a different URL that does not contain the not-allowed characters;

• < (less than)
• > (greater than)
• : (colon)
• " (double quote)
• / (forward slash)
• \ (backslash)
• | (vertical bar or pipe)
• ? (question mark)
• * (asterisk)

https://docs.microsoft.com/en-us/windows/win32/fileio/naming-a-file

• Naming Conventions