When creating File Rules within a File Security Profile (FSP), Actions must be applied to each File Matcher rule. File Matcher rules are processed in the order of rule priority as indicated by their numerical order in the File Rules column.
The following Actions can be applied to each File Matcher in an FSP (see below for a list of file types):
| Action | Description |
|---|
| Allow | Allows the file to pass, logging the event and file information |
| Block | Blocks the file from passing, logging the event and file information |
| Fast Scan | This applies static analysis and hash-based malware scanning engines to files to look for matches to known malware. Fast Scan can be customized by adding specific file types and built-in scanning Dictionaries when the File Matcher is created/edited. This method of malware scanning has the least impact on the end user's experience. Files with malware detected are blocked and logged. |
| Deep Scan | This directs the matched file to the Atmos Sandbox engine, where the file is dynamically analyzed to detect deeply embedded malware that requires executing or opening the file to trigger an attack. The Atmos Sandbox engine enables dynamic analysis of files to detect deeply embedded malware that activates upon execution or opening. If malware is detected, the file is blocked and logged for further review. |
Use the following steps to review Static and Dynamic scan results from the Exploration screen utilizing Filters.
📘
Note
- The following example screenshots show scans where files were blocked via File Rules set up in a FSP as shown in the FSP screenshot below.
- Navigate to Insights > Exploration.
- Click the Filters dropdown and select Scan Engine, then select Static Scan, Dynamic Scan, and No Scan.
- Scroll up in the Filters dropdown and select Status, then select Success, Error, and Blocked.
- In the Filters dropdown, select Status Reason, then scroll through the options and select the status reason events that you want to review on the Exploration screen; for example, Malicious File Block and File Scan error. Click the Apply button.
- The list of events is filtered to display files that were scanned so you can easily find blocked files/events.
- Hover your cursor over the File Name of a blocked file to display a tool tip containing event details (see below).
- This example shows a Static Scan that has blocked a .zip file download:
- This example shows a Dynamic Scan that has blocked a .txt file download:
📘
Note
To edit an existing FSP File Matcher Action complete the following steps:
- Navigate to Policy > File Security.
- Select an FSP from the list of existing Profiles and click the Edit button.
- Locate the File Rule that you want to modify and select a new action from the Action dropdown menu, then click Submit. (To Delete an Action click the
icon, then click Submit.)
- Click Apply Changes
The following are the file extensions included in the scan engine, listed by category:
| File Ext. | Description |
|---|
| .3mf | 3D Manufacturing Format, used for 3D printing. |
| .amf | Advanced Message Format, used for 3D printing and animation. |
| .glb | Binary GLTF (GL Transmission Format) for 3D models. |
| File Ext. | Description |
|---|
| .aac | Advanced Audio Codec, a lossy digital audio format. |
| .aaf | Advanced Authoring Format, used for audio and video editing. |
| .aiff | Audio Interchange File Format, used for storing audio data. |
| .amr | Adaptive Multi-Rate audio codec, used for voice recordings. |
| .ape | Monkey's Audio, a lossless audio compression format. |
| .au | Audio file format used for Unix systems. |
| .flac | Free Lossless Audio Codec, a lossless audio format. |
| .m3u | Multimedia playlist file format, used for audio and video playlists. |
| .midi | Musical Instrument Digital Interface file, used for music data. |
| .mp3 | MPEG Audio Layer III, a popular audio file format. |
| .mpc | Musepack audio file format, a lossy audio compression format. |
| .oga | Ogg Audio file format, used for audio data. |
| .ogg | Ogg Vorbis audio file format, used for audio compression. |
| .qcp | Qualcomm PureVoice audio file format, used for voice recordings. |
| .voc | Creative Labs Voice file format, used for audio data. |
| .wav | Waveform Audio File Format, used for audio data. |
| File Ext. | Description |
|---|
| .a | Static library file used in programming, particularly in C/C++. |
| .bat | Batch file for Windows command line scripting. |
| .class | Java bytecode file, compiled from Java source code. |
| .crx | Chrome extension file for Google Chrome. |
| .exe | Executable file for Windows applications. |
| .jar | Java Archive file, used to package Java classes and associated metadata. |
| .macho | Mach-O executable file format used in macOS and iOS. |
| .so | Shared Object file, used for shared libraries in Unix/Linux. |
| .swf | Shockwave Flash file format, used for multimedia and animations. |
| .wasm | WebAssembly file format, used for running code on the web. |
| File Ext. | Description |
|---|
| .7z | Compressed archive file format using 7-Zip compression. |
| .bz2 | Compressed file format using Bzip2 compression. |
| .cab | Cabinet file, a compressed archive format used by Windows. |
| .cpio | Archive file format used for storing files in Unix. |
| .gz | Compressed file format using Gzip compression. |
| .lz | Lempel-Ziv compressed file format. |
| .rar | Compressed archive file format using RAR compression. |
| .tar | Tape Archive file format, used for combining multiple files into one. |
| .torrent | Torrent file format, used for peer-to-peer file sharing. |
| .xz | XZ compressed file format for high compression. |
| .zip | Compressed archive file format for multiple files. |
| .zst | Zstandard compressed file format for efficient compression. |
| File Ext. | Description |
|---|
| .atom | Web feed format used for syndicating content. |
| .csv | Comma-Separated Values, a plain text format for tabular data. |
| .json | JavaScript Object Notation, a lightweight data interchange format. |
| .fdf | Form Data Format, used for PDF forms. |
| .fits | Flexible Image Transport System, used in astronomy. |
| .ics | iCalendar file format for calendar events. |
| .msg | Microsoft Outlook email message file format. |
| .mrc | MARC (Machine-Readable Cataloging) file format for bibliographic data. |
| .ndjson | Newline Delimited JSON, a format for streaming JSON data. |
| .sh | Shell script file, used for scripting in Unix/Linux shell environments. |
| .srt | SubRip Subtitle file format, used for subtitles in video files. |
| .tsv | Tab-Separated Values file format, used for tabular data. |
| .warc | Web ARChive file format, used for archiving web pages. |
| .xfdf | XML Forms Data Format, used for PDF form data. |
| .xlf | XLIFF (XML Localization Interchange File Format), used for translation. |
| .yaml/.yml | YAML Ain't Markup Language, a human-readable data serialization format. |
| File Ext. | Description |
|---|
| .accdb | Microsoft Access database file format. |
| .dbf | Database file format used by dBase and other database applications. |
| .mdb | Microsoft Access database file format. |
| .sqlite | SQLite database file format, used for lightweight database storage. |
| .sql | Structured Query Language file, used for database queries and scripts. |
| File Ext. | Description |
|---|
| .c | C programming language source code file. |
| .cpp | C++ programming language source code file. |
| .dae | Digital Asset Exchange, used for 3D models. |
| .dwg | AutoCAD drawing file format. |
| .gbr | GIMP Brush file format. |
| .go | Go programming language source code file. |
| .h | C/C++ header file. |
| .hpp | C++ header file. |
| .java | Source code file for Java programming language. |
| .jsx | JavaScript XML file, used with React for defining UI components. |
| .kt | Kotlin programming language source code file. |
| .lua | Lua script file, used for programming in the Lua scripting language. |
| .php | PHP script file, used for server-side web development. |
| .pl | Perl script file. |
| .py | Python script file, used for programming in Python. |
| .rb | Ruby script file, used for programming in Ruby. |
| .swift | Swift programming language source code file. |
| .tcl | Tool Command Language script file. |
| .tsx | TypeScript XML file, used for TypeScript files with JSX syntax. |
| .x3d | Extensible 3D file format, used for 3D graphics. |
| .xar | Xara graphic file format, used for vector graphics. |
| .xml | Extensible Markup Language file format, used for structured data. |
| File Ext. | Description |
|---|
| .epub | Electronic publication format for eBooks. |
| .lit | Microsoft Reader eBook file format. |
| .mobi | Mobipocket eBook file format. |
| File Ext. | Description |
|---|
| .p7s | PKCS #7 signature file, used for digitally signing data. |
| File Ext. | Description |
|---|
| .exe | Executable file for Windows applications. |
| .macho | Mach-O executable file format used in macOS and iOS. |
| File Ext. | Description |
|---|
| .eot | Embedded OpenType font file. |
| .otf | OpenType font file format. |
| .ttc | TrueType Collection font file format. |
| .ttf | TrueType Font file format. |
| .woff | Web Open Font Format, used for web fonts. |
| .woff2 | Compressed version of Web Open Font Format, used for web fonts. |
| File Ext. | Description |
|---|
| .nes | Nintendo Entertainment System ROM file. |
| File Ext. | Description |
|---|
| .geojson | Geographic data format based on JSON. |
| .gml | Geography Markup Language, used for geographic information. |
| .gpx | GPS Exchange Format, used for storing GPS data. |
| .kml | Keyhole Markup Language, used for representing geographic data in Earth browsers. |
| .shp | Shapefile format, used for storing geospatial vector data. |
| .shx | Shapefile index format, used alongside .shp files for geospatial data. |
| File Ext. | Description |
|---|
| .avif | AV1 Image File Format, used for images with high compression. |
| .bmp | Bitmap image file format. |
| .bpg | Better Portable Graphics, an image format for high-quality images. |
| .dcm | DICOM file format for medical imaging. |
| .djvu | Document format for scanned documents. |
| .hdr | High Dynamic Range image file format. |
| .icns | Icon file format for macOS applications. |
| .ico | Icon file format for Windows applications. |
| .gif | Graphics Interchange Format, used for animated images. |
| .heic | High Efficiency Image Coding, used for images on Apple devices. |
| .heif | High Efficiency Image File Format, used for images. |
| .jpg/.jpeg | JPEG image file format, commonly used for digital photos. |
| .jp2 | JPEG 2000 image file format, used for high-quality images. |
| .jpf | JPEG 2000 file format, similar to .jp2 but with different encoding options. |
| .jpm | JPEG 2000 file format with multiple layers or components. |
| .jxl | JPEG XL image file format, designed for high efficiency and quality. |
| .jxr | JPEG XR image file format, used for high dynamic range images. |
| .jxs | JPEG XR image file format, used for high dynamic range images. |
| .pat | Pattern file, often used in graphics or design applications. |
| .png | Portable Network Graphics image file format. |
| .psd | Adobe Photoshop Document file format, used for image editing with layers. |
| .svg | Scalable Vector Graphics file format, used for vector images. |
| .tiff | Tagged Image File Format, used for high-quality images. |
| .xpm | X PixMap image file format, used for bitmap images. |
| .webp | WebP image file format, used for images on the web with compression. |
| .xcf | GIMP image file format, used for images with layers and editing. |
| File Ext. | Description |
|---|
| .deb | Debian package file for software installation on Debian-based systems. |
| .msi | Microsoft Installer file format for software installation. |
| .rpm | Red Hat Package Manager file format, used for software installation on Linux. |
| File Ext. | Description |
|---|
| .doc | Microsoft Word document file format (older version). |
| .docx | Microsoft Word document file format (newer version). |
| .odc | Open Document Chart file format. |
| .odf | Open Document Format for text documents. |
| .odg | Open Document Graphics file format. |
| .odp | Open Document Presentation file format. |
| .ods | Open Document Spreadsheet file format. |
| .odt | Open Document Text file format. |
| .otg | Open Document Graphics Template file format. |
| .otp | Open Document Presentation Template file format. |
| .ots | Open Document Spreadsheet Template file format. |
| .ott | Open Document Text Template file format. |
| .ppt | Microsoft PowerPoint presentation file format (older version). |
| .pptx | Microsoft PowerPoint presentation file format (newer version). |
| .pub | Microsoft Publisher file format, used for creating publications. |
| .rtf | Rich Text Format, a text file format that supports text formatting. |
| .xls | Microsoft Excel spreadsheet file format (older version). |
| .xlsx | Microsoft Excel spreadsheet file format (newer version). |
| File Ext. | Description |
|---|
| .ps | PostScript file format, used for vector graphics and page description. |
| .pdf | Portable Document Format, used for documents. |
| File Ext. | Description |
|---|
| .ods | Open Document Spreadsheet file format. |
| .sxc | StarOffice Calc spreadsheet file format. |
| .tsv | Tab-Separated Values file format, used for tabular data. |
| .xls | Microsoft Excel spreadsheet file format (older version). |
| .xlsx | Microsoft Excel spreadsheet file format (newer version). |
| File Ext. | Description |
|---|
| .lnk | Windows shortcut file, used to link to applications or files. |
| .ini | Initialization file used for configuration settings in software applications. |
| File Ext. | Description |
|---|
| .txt | Plain text file format. |
| .xml | Extensible Markup Language file format, used for structured data. |
| File Ext. | Description |
|---|
| .3g2 | 3GPP2 multimedia file format, used for video and audio. |
| .3gp | Multimedia file format for 3G mobile phones, containing audio and video. |
| .asf | Advanced Streaming Format, used for streaming media. |
| .avi | Audio Video Interleave, a multimedia container format. |
| .flv | Flash Video file format. |
| .m4v | MPEG-4 video file format, often used for videos on Apple devices. |
| .mkv | Matroska Video file format, a multimedia container format. |
| .mov | Apple QuickTime movie file format. |
| .mp4 | MPEG-4 video file format, widely used for video streaming. |
| .mpeg | Moving Picture Experts Group video file format. |
| .mqv | MPEG-4 video file format, often used for video recordings. |
| .ogv | Ogg Video file format, used for video compression. |
| .rmvb | RealMedia Variable Bitrate file format, used for streaming video. |
| .swf | Shockwave Flash file format, used for multimedia and animations. |
| .tcx | Training Center XML file format, used for fitness data. |
| .ts | MPEG Transport Stream file format, used for video and audio streaming. |
| .vtt | Web Video Text Tracks file format, used for subtitles and captions. |
| .webm | WebM video file format, used for web video streaming. |
| File Ext. | Description |
|---|
| .atom | Web feed format used for syndicating content. |
| .css | Cascading Style Sheets, used for styling web pages. |
| .har | HTTP Archive format for web performance analysis. |
| .html | HyperText Markup Language file for web pages. |
| .js | JavaScript file, used for scripting in web development. |
| .json | JavaScript Object Notation, a lightweight data interchange format. |
| .owl | Web Ontology Language file format for representing ontologies. |
| .php | PHP script file, used for server-side web development. |
| .rss | Really Simple Syndication file format, used for web feeds. |
| .scss | Sassy Cascading Style Sheets, a syntax of Sass for styling web pages. |
| .svg | Scalable Vector Graphics file format, used for vector images. |
| .vcf | vCard file format, used for storing contact information. |
| .xml | Extensible Markup Language file format, used for structured data. |
