I have recently commissioned a two node MWG cluster as a reverse proxy which is working fine, but I have a requirement that does not appear to be directly catered for
My app will only accept .xls files as uploads. Sometimes users attempt to upload .xlsm files some of which get through my MWG rule base. some of which do not, the MWG unpacks the .xlsm and applies my configured rules and reports upon items INSIDE the .xlsm. Whereas I want to be able to stop anything at all being uploaded with an .xlsm extension and ask the user via a custom message to resave in .xls format
I know file extensions can be spoofed this not a security configuration just a courtesy to my users! Does anyone know how I can setup blocking on file extension of a submission?
It would also be nice to able to be able to configure two separate rule bases, one for in bound and one four out bound or apply rules to inbound / outbound / both but again not seen any way to do that in the MWG policy config
Any insights (particularly around file extension blocking) gratefully received, Many thanks, Graham
Use URL.FileExtension and match on a list of wildcards that contains "xlsm" and the other extensions you might want to forbid.
The following Excel mediatype.ensuredtypes "at least one in list" with a list that includes these macroEnabled thingees might be something you'd like to block as well as an OR function to the URL.FileExtension matching, and action of Block.
This would get around anyone simply renaming files to get around a file extension block.
Download the new ePolicy Orchestrator (ePO) Support Center Extension which simplifies ePO management and provides support resources directly in the console. Learn more about ePO Support Center