Web Download Protection
Define the settings for the SandBlast Agent Browser Extension to protect against malicious files that come from internet sources. The Browser Extension is supported on Google Chrome.
The automatic options are:
- - Send files for emulation. While a file is tested, users receive a copy of it with all suspicious parts removed. If the file is not malicious, users receive the original file when the emulation is finished. Emulation can take up to two minutes.
- - Send files for emulation. Users do not receive a copy during the emulation. If the file is not malicious, users receive the original file when the emulation is finished. Emulation can take up to two minutes.
- - The SandBlast Agent Browser Extension is not active.
When Threat Extraction is selected, it only applies to file types that can be extracted, such as documents.
When Threat Emulation is selected, it only applies to file types that can be emulated, such as executables and scripts.
You can edit the selections manually to define more settings for Threat Extraction and Threat Emulation for different file types.
To change the setting for categories of file types:
- In a SandBlast Agent Threat Extraction and Threat Emulation rule, right-click the Action and select .
- Expand the list for the type of file that you choose:
- (such as documents and pictures).
- (such as executables and scripts).
- (such as videos).
- Select an option for emulation and access to the original file from the options shown. Different options show for different file types.
- - Send files for emulation. While a file is tested, the user receives a copy of it with all suspicious parts removed.
- - Send files for emulation. Users only receive the files after the emulation finishes and the file was found to be safe.
- - Send files for emulation. Users can download and access the file while it is tested. The administrator is notified if files are found to be malicious.
- - No emulation or extraction. The download is allowed.
- - No emulation or extraction. The download is blocked.
- If files are extracted, select the , which is the format of the extracted document that users can see during the emulation.
- -The file is sent in its original file type but without malicious elements.
- - When relevant, files are converted to PDF.
- Click .
To change the setting for a specified file type, such as.zip or .pdf:
- In a SandBlast Agent Threat Extraction and Threat Emulation rule, right-click the Action and select .
- Click.
- Select a file type.
- Click in the column to select a different action for that file type.
- Click in the Extraction Mode column to select a different extraction mode for the file type.
- Click .