You can control the type of files that the FTP-proxy allows for downloads and uploads. For example, because many hackers use executable files to deploy viruses or worms on a computer, you could deny requests for *.exe files. Or, if you do not want to let users upload Windows Media files to an FTP server, you could add *.wma to the proxy definition and specify that these files are denied. Use the asterisk (*) as a wildcard character.
To define rules for an FTP server protected by the Firebox, modify the FTP-Server proxy action. To define rules for users who connect to external FTP servers, modify the FTP-Client proxy action.
- In the Proxy Action configuration, select the Upload or Download tab.
- Add, delete, or modify rules, as described in Add, Change, or Delete Rules.
- If you want uploaded files to be scanned for viruses by Gateway AntiVirus, from the Actions to take (if no rule above is matched) drop-down list, select AV Scan for one or more rules.
- To change settings for another category in this proxy, see the topic for that category.
- When you are finished with your changes to this proxy action definition, save the settings.
If you modified a predefined proxy action, when you save the changes you are prompted to clone (copy) your settings to a new action.
For more information on predefined proxy actions, see About Proxy Actions.