I have been trying to find means to allow users to be able to download files from websites like Dropbox, Box... while not allowing uploads to those websites. This might have been answered in an other thread but I have not been able to find any answers and all of my attempts have ended up blocking access to the site entirely. I cannot block access nor downloads from these sites as we have clients that use these sites to provide us with documents, but in order to comply with security requests from a particular client, I am being requested to block or find a way to block uploading to these websites. I tried emulating the rules like the ones found for blocking uploading attachments to web mail (url.category) but couldnt find in the list the items that are under P2P/ File Sharing to see if that is the category needed to include dropbox.
Any help or guidance will be greatly appreciated. I don't have much experience with the web gateway and most of the rules I have either been able to find via the community or by sheer accident.
A partial solution is to filter on category "Personal Network Storage" and command name does not equal "POST". While this prevents uploads, it also prevents authentication, if required. Adding an exception list will allow to define exceptions.
My rule goes something like this:
URL.Categories <Default> contains Personal Network Storage AND (
Command.Name does not equal "POST" OR
URL matches in list Allow Network Storage Download POST Exceptions)
The action is "Stop Rule Set" to allow the normal AV and other processing to occur further on down the policy.
Thanks for the info. I was looking at the wrong category (P2P/ File Sharing). After i posted here, I played around with the rule for Webmail that i found in the McAfee KB (McAfee KnowledgeBase - Web Gateway - How to block Web Mail attachment uploads and downloads by media...), and added extra consideration the Personal Network storage with the same files types for blocking. It appears to let me sign in to dropbox and see items but not upload.
Not sure if this is the best approach or if it leaves options where users can go around the rule, but from the little test i was able to perform (dropbox and onedrive) neither allowed me to upload files to it. Posting my results in case it helps others with similar issue.