File sandboxing
In addition to anti-virus (AV) scanning, Gateway can quarantine previously unseen files downloaded by your users into a sandbox and scan them for malware.
While the files are quarantined, Gateway will present a scanning page to your users. If a file passes scanning, Gateway will release the file from quarantine and download it to your user’s device. If the file contains malware, Gateway will block the request and log the match as a Block decision in your HTTP logs.
To begin quarantining downloaded files, turn on file sandboxing:
- In Zero Trust ↗, go to Settings > Network.
- In Firewall, turn on File sandboxing.
- (Optional) To block requests containing non-scannable files, select Block requests for files that cannot be scanned.
You can now create Quarantine HTTP policies to determine what files to scan in the sandbox.
File sandboxing supports scanning the following file types:
Supported sandboxing file types
.com.exe.pdf.doc.docm.docx.rtf.ppt.pptx.xls.xlsm.xlsx.zip.rar
Gateway cannot scan requests containing the following files:
- Files larger than 15 MB
- PGP encrypted files