jk303
Feb 06, 2018Nimbostratus
Blocking specific file names while allowing specific file type
Hi all, What would best way to allow file1.exe file2.exe to enter, but block ALL other *.exe files. Also while *.exe is allowed as a file type within ASM policy. I'm worried about order of operations. I'm working with 12.2 and I don't see ability to enter regex for file types. I was hoping I could do this like I would do regex within parameter type.
Any suggestions? What if I I block *.exe as file type in ASM but then have file1.exe file2.exe as irule to allow it? What about creating a unique ASM signature?
If anyone is doing this would appreciate some input. Looking for best approach.