File upload blocking does not work in Cloud SWG
search cancel

File upload blocking does not work in Cloud SWG

book

Article ID: 441828

calendar_today

Updated On:

Products

Web Isolation for Cloud SWG Cloud Secure Web Gateway

Issue/Introduction

In Web Isolation Cloud, we were blocking the upload of specific file types.
After migrating to Cloud Secure Web Gateway (Cloud SWG), we were able to configure file type settings in Group A of the Threat Protection Policy. However, in actual traffic, file uploads were not blocked.

Please let me know how to resolve this issue.

Environment

Migration from Web Isolation Cloud to Cloud SWG

Resolution

To achieve the equivalent file type blocking in Cloud SWG as in Web Isolation Cloud, the following three configurations are required.

[Required Configurations]

  • For the file type block to work, the URL must be targeted for Web Isolation traffic.
  • The rule defining the file type block must be placed above the rule that enforces Web Isolation.
  • The file to be detected must have a minimum size of 1MB.

An image of a Group A Policy that meets the required configurations is as follows:

Additional Information

You can check the block logs by navigating to Full Log Details > Web Isolation Browser Log.

Powered by Wolken Software