No relevant resource is found in the selected language.

This site uses cookies. By continuing to browse the site you are agreeing to our use of cookies. Read our privacy policy>Search

Reminder

To have a better experience, please upgrade your IE browser.

upgrade

File Blocking Affects the Transfer of Normal Files

Publication Date:  2019-01-24 Views:  203 Downloads:  0

Issue Description

File blocking is configured on the NGFW to block the transfer of certain files between security zones. However, intranet users cannot upload or download files that should not be blocked.

Handling Process

Cause 1: Traffic does not match the expected security policy.

1. Choose Monitor > Log > Policy Matching Log.

2. Click Advanced Search in the upper right corner and specify the source user and application.

Source user: name of the user account used by an intranet user to upload or download files, for example, User0001

Application: name of the protocol or application program used by an intranet user to upload or download files

3. Click Search.

4. In the displayed security policy log, check whether the traffic that the intranet user uploads or downloads matches the expected security policy.

If not, choose Policy > Security Policy > Security Policy to adjust the sequence or parameters of the security policy.

If so, go to cause 2.

Cause 2: The traffic is blocked by other content security functions.

1.  Click the name of the security policy queried in step 1. On the Modify Security Policy page, you can view the profile referenced by the security policy.

2.  View the following logs based on the referenced security profile:

Antivirus and intrusion prevention: Choose Monitor > Log > Threat Log.

URL filtering: Choose Monitor > Log > URL Log.

File blocking, data filtering, and application behavior control: Choose Monitor > Log > Content Log.

3. On the corresponding log page, click Advanced Search in the upper right corner and enter the name of the security policy.

4. Click Search. Check the logs whose Action is Block.

If the traffic is blocked by the file blocking profile, go to cause 3.

If the traffic is blocked by another profile, check the profile to determine whether the traffic needs to be blocked.

- If yes, the fault diagnosis ends.

- If no, modify the parameters in the related profile.

Cause 3: The file blocking profile is incorrectly configured.

1. Click the name of the file blocking profile queried in step 2 and view the file blocking rule on the Modify File Blocking Profile page.

2. Modify the parameters of the file blocking rule to ensure that normal files do not match the conditions of the file blocking rule.

Root Cause

Cause 1: Traffic does not match the expected security policy.

Cause 2: The traffic is blocked by other content security functions.

Cause 3: The file blocking profile is incorrectly configured.

END