NGFW can be integrated with GTI to send file hashes to GTI cloud to be checked for "bad" files:
For HTTPS traffic this is possible when HTTPS traffic is configured to be TLS decrypted:
Thanks for the (official) answer.
Indeed, it does not really fit my need as GTI or TIE is going to use shared algorithms and reputations that I don't manage.
My point is that I do want to allow or to exclude a specific file based on its HASH value: let's say, as an example given, what was in a previous post "I do not want my users to download the dropbox.exe file" ==> wheter the name or extension is changed or file is zipped.
Is there an alternate method for that aim ?