File filtering configuration overview

To use file filtering, integrate or configure one or more malware detection methods and add rules for file filtering.

Figure: Components and elements in the configuration



1
McAfee Global Threat Intelligence file reputation service or McAfee Threat Intelligence Exchange (TIE) file reputation service
2
Forcepoint Advanced Malware Detection sandbox service
3
File Filtering Policy
4
Firewall, IPS, Layer 2 Firewall, or Layer 2 Interface Policy
5
NGFW Engine

The configuration of file filtering consists of the following general steps:

  1. Integrate or configure one or more malware detection methods.
    • (Optional) Integrate Forcepoint NGFW with one of the following file reputation services:
      • McAfee Global Threat Intelligence
      • McAfee Threat Intelligence Exchange (TIE)
    • (Optional) Integrate Forcepoint NGFW with the Forcepoint Advanced Malware Detection sandbox service.
    • (Optional) Enable Anti-Malware for the engine.
    Note: Each malware detection method is optional, but you must integrate or configure at least one malware detection method.
  2. Create a File Filtering Policy element and add rules to the File Filtering Policy.
  3. Enable file filtering in a Firewall, IPS, Layer 2 Firewall, or Layer 2 Interface Policy element.
    Note: To enable file filtering in a Layer 2 Interface Policy, you must enable file filtering and select the File Filtering Policy in the Firewall Policy.