Scan file sharing downloads for malware

If ‚ÄčSIA‚Äč Proxy is enabled in a policy, you can configure ‚ÄčSecure Internet Access Enterprise‚Äč (‚ÄčSIA‚Äč) to analyze traffic from supported file sharing services. To do this, assign the Allow action to the File Sharing access control category. If a threat is discovered in download files, the action that corresponds to the threat type or category is completed. For example, if malware is discovered, the threat is assigned the action that's associated with known malware in the Threat tab of the policy.

If your organization is licensed for ‚ÄčSIA‚Äč Advanced Threat and as a result, Inline Payload Analysis is enabled, ‚ÄčSIA‚Äč Proxy scans files that are up to 5 MB in size.

This table shows the validated and fully supported File Sharing domains.

Supported File Sharing ServiceDomain
iCloudicloud-content.com
OneDrivebn.files.1drv.com
Boxpublic.boxcloud.com
Google Drive (browser-based application)googleusercontent.com
Dropbox (browser-based application)dl.dropboxusercontent.com

dl-web.dropbox.com

Configure exceptions for file sharing scanning

The desktop application versions of Google Drive and Dropbox are currently not supported as File Sharing domains. As a result, users are not able to access these applications when ‚ÄčSIA‚Äč Proxy is enabled and and the File Sharing category is added to the access control settings of a policy. To continue using these applications, you need to select the Allow action for the File Sharing category or you can create a custom exception list that contains the domain of the specific application you don't want analyzed in your network.

Desktop ApplicationDomain
Google Drivewww.googleapis.com
Dropboxdl.dropbox.com

Similarly, if there are supported file sharing services that you want to allow or that you want to block, you can create a custom exception or block list that includes the domains of the service or services. You can then assign the exception or block list to your policy. For example, if you want to specifically block one service while scanning and classifying threats in the other supported services, you can create a custom block list that contains the service you want to block, and you can configure the Allow action for the File Sharing category.

Block file sharing services

Alternatively, if you do not want to analyze downloads with inline payload analysis or your organization is not licensed for ‚ÄčSIA‚Äč Advanced Threat, you can block all file sharing services by blocking the File Sharing category in the Access Control settings..