Download & Upload Restriction

Necessity to Restrict File Activities

Restricting file activities such as downloads and uploads from untrusted websites is essential to safeguarding computers and sensitive data. Malicious websites often host harmful files, including viruses, malware, and ransomware, that can compromise systems, steal confidential information, or cause operational disruptions. Similarly, uncontrolled uploads can lead to accidental or intentional data leakage. These incidents may result in data loss, financial fraud, compliance violations, and other serious consequences. Enforcing file activity restrictions significantly reduces the risk of cyberattacks and data exfiltration.

Restricting Browser File Activities

Securing your network requires effective control over file downloads and uploads initiated through browsers. With the File Activity Restriction feature in Endpoint Central, administrators can allow or block file downloads and uploads, ensuring that file transfers occur only through trusted sources.

1. Navigate to Browsers -> Policies -> File Activity Restriction.
2. Click Create Policy.
3. For restricting downloads/uploads, navigate to the respective section.

   

4. You can block all the downloads/uploads by clicking Yes against Block Downloads or Block Uploads respectively.

   

5. They can also be restricted based on specific conditions. It will be blocked if any or all of the conditions are met. The conditions can be inputted through the items below:
   • Web Domains/URLs: Can be either the tab URL or the download URL.
   • Web Groups: The web groups created can be added.
   • File Size: Specified in bytes (e.g., 4KB = 4000 bytes).
   • File Types: Specified as file extensions (e.g., .pdf, .exe).
   • Time Limit: Specified in 24-hour format (e.g., 10:00:00).
6. Certain items can be excluded from the download restriction by mentioning them in the Exclusion List.
7. The block page appearance can also be customized with the default message given or a customized message and a custom logo. Users can be allowed to contact the administrator from the blocked page.

   

8. Associate the policy to computers/groups of computers in which you want the download restriction policy to take place.
   

   Note: The file activity restriction policy is not supported within Incognito mode and Guest mode of browsers. Alternatively, Incognito mode can be disabled under Policies -> Browser Customization -> Security Restriction -> Disable Incognito Policy while Guest mode can be disabled under Policies -> Browser Customization -> User Account Settings -> Allow users to use guest mode.