About the File Type Control Policy

By default, the service allows the upload and download of all file types. Use the File Type Control policy to restrict the upload and download of various types of files. For example, you can block audio (such as mp3 and wav files) and video files (such as .avi, .mp4, .mpeg and others) so they do not interfere with your bandwidth utilization. You can define rules to restrict the transmission of various files and apply them to individuals, groups, departments and locations (see also the recommended policy for File Type Control). File Type Control is associated with URL filtering and is not available for cloud apps. For example, to block file attachments in Gmail, select the Webmail URL category. You can also create rules for unknown file types. Zscaler performs MIME type checks for files it cannot initially identify, and any file that falls outside of well-defined MIME types for common apps is tagged as an unknown file type. To recognize the file types inside archive files, the Zscaler service also scans ZIP, 7-Zip, GZIP, TAR, and RAR files.

You can allow, caution or block uploading, downloading or both. When you choose the Caution action, the service displays a warning before it allows the user to perform the action. When the service blocks users, it displays a notification. The content of the block notification is configured in the End User Notification page.

To view, add or edit the File Type Control policy rules, go to Policy> Web > File Type Control. See the recommended policy for File Type Control.

For information on the order in which the service enforces all policies, including this policy, see How does the Zscaler service enforce policies?