You could, but you could also cause yourself a lot of grief if any applications rely on the downloads folder.
Test it out... create a rule that blocks Write and Create of new files to your downloads folder. Put it in Report only if you want to discover what apps use it, without affecting them.
I have created a USER DEFINED RULE in VSE access protection with process to include * and file/folder name to block *exe , actions to prevent new files being created but it is causing lot of problems with windows update and upgrade of MS Office etc. Is there another way i can give more intelligence to this rule and prevent my users from unnecessary downloads
Just a hint,
one of the biggest benefits using the Gatway Antimalware Engine is the following. Just Keep the following Infos in mind.
- MWG GAM: only 30% of malware from the Internet is detected and blocked with signature based Technology. For 70% you need another Approach or Technology.
- MWG GAM: The engine inspects dynamic code: This means, if active code triese to store a file on your disk in an unusual way, this code is removed.
- not any update is an *.exe file.
- not any file has an file Extension.
So Access protection can help in some cases, but will never be able to stop a wide band of Installations over the Internet. I some specific situations it could help, but there will be much more situations where Access Protection cannot help.