Marware and File Policy
Location in GUI:
Policies » Marware and File » Marware and File Policies
Diagram
Classes
policies (fmc.domains)
| Name | Type | Constraint | Mandatory | Default Value |
|---|---|---|---|---|
| file_policies | List | [file_policies] | No |
file_policies (fmc.domains.policies)
| Name | Type | Constraint | Mandatory | Default Value |
|---|---|---|---|---|
| name | String | Regex: ^[a-zA-Z0-9_.+ -]{1,64}$ | Yes | |
| block_encrypted_archives | Boolean | true, false | No | |
| block_uninspectable_archives | Boolean | true, false | No | |
| clean_list | Boolean | true, false | No | |
| custom_detection_list | Boolean | true, false | No | |
| description | String | max: 255 | No | |
| first_time_file_analysis | Boolean | true, false | No | |
| inspect_archives | Boolean | true, false | No | |
| max_archive_depth | Integer | min: 1, max: 3 | No | |
| threat_score | Choice | DISABLED, MEDIUM, High, VERY_HIGH | No | |
| file_rules | List | [file_rules] | No |
file_rules (fmc.domains.policies.file_policies)
| Name | Type | Constraint | Mandatory | Default Value |
|---|---|---|---|---|
| action | Choice | DETECT, BLOCK_WITH_RESET, DETECT_MALWARE, BLOCK_MALWARE_WITH_RESET | Yes | |
| application_protocol | Choice | ANY, HTTP, SMTP, IMAP, POP3, FTP, SMB | Yes | |
| direction_of_transfer | Choice | ANY, UPLOAD, DOWNLOAD | Yes | |
| file_categories | List | String | No | |
| file_types | List | String | No | |
| store_files | Choice | MALWARE, CUSTOM, CLEAN, UNKNOWN | No |
Examples
Prerequisites:
existing:
fmc:
domains:
- name: Global
objects:
file_types:
- name: PDF
file_categories:
- name: PDF files
File Policy:
fmc:
domains:
- name: Global
policies:
file_policies:
- name: MyFilePolicyName1
file_rules:
- default_action: DETECT
application_protocol: HTTP
direction_of_transfer: DOWNLOAD
file_categories:
- PDF files
- default_action: DETECT
application_protocol: HTTP
direction_of_transfer: UPLOAD
file_types:
- PDF