Archive and Transfer - Inspect Archives and Configure Exceptions
You can configure how archives are inspected and transferred on Secure Web Gateway. For example, you can configure that archives are not inspected if they exceed a size limit or allow access to archives for particular users without inspection.
- On the user interface for Secure Web Gateway, select Policy > Web Policy > Policy.
-
On the policy tree in the navigation panel, expand Content Inspection and select Archive and Transfer.
The selected rule set appears in the configuration area on the right. -
Configure when this rule set should apply.
-
Under Criteria, leave the default All traffic, as you want the rules in this rule set to apply to all types of web traffic.
-
Next to Applies to, leave the default All, as you want the rules in this rule set to be processed in all cycles of web filtering on Secure Web Gateway.
-
-
Click the settings icon to configure settings for this rule set in a panel that is inserted on the right. The settings that are currently in use are shown as selected on the panel.
When configuring these settings, you can set a limit to the number of levels that are inspected when archives are nested and to the amount of data that is extracted for inspection from an archive. -
To allow archive inspection to be skipped when requests are submitted to access them, configure the rules that are preset here for this purpose. They are shown in the Preset Rules section under No Inspection.
Use the checkboxes at the beginning of the lines with the rules to enable oder disable them as needed. Click the three dots at the end of the line for a rule and work with the options for list handling that are provided.
You can skip archive inspection based on:-
Domains, hosts, and URLs
-
User groups
-
User names
-
Client IP addresses
-
Private applications
-
-
Under Skip Upload Inspection, configure the preset rules for allowing archive inspection to be skipped when requests are submitted to upload them. Use the checkboxes at the beginning of the lines with the rules to enable oder disable them as needed.
You can skip inspection of archives that are uploaded based on:
-
Domains
-
User names
-
User groups
-
Client IP addresses
-
Private applications
-
-
Under Skip Download Inspection, configure the preset rules for allowing archive inspection to be skipped when requests are submitted to download them.
Use the checkboxes at the beginning of the lines with the rules to enable oder disable them as needed. Click the three dots at the end of the line for a rule and work with the options for list handling that are provided.
You can skip inspection of archives that are downloaded based on:-
Domains
-
User names
-
User groups
-
Client IP addresses
-
Private applications
-
-
Under Archive Handling, configure the preset rules for allowing archive inspection to be skipped depending on the size of the archive and for blocking the transfer of archives for both uploads and downloads if they are, for example, corrupted.
-
Enable or disable the rule for skipping archive inspection depending on the size of the archive.
Click the rule name, which is marked in blue, to open a panel on the right, where you can specify a size limit. -
Configure the rules for blocking the transfer of archives. You can block the transfer for:
-
Encrypted media types
-
Multipart media types
-
Corrupted media
-
-
Click the three dots at the end of line for a rule and click Select Block Setting to configure settings for the end-user
notification page that is sent to a user who has a request blocked.
To enable or disable the complete rule set, use the On/Off toggles at the end of the line with the rule set name.
The filtering process will now follow what you have configured for inspecting and transferring archives on Secure Web Gateway.