Video Screencast Help

Download

Created: 24 Apr 2012 • Updated: 25 Jun 2012 | 5 comments
SKP's picture
This issue has been solved. See solution.

Can we block from downloading files from particular site

Comments 5 CommentsJump to latest comment

P_K_'s picture

We can block access to sites, I have not tested blocking downloads but i think it doesn't work

http://service1.symantec.com/SUPPORT/ent-security.nsf/2326c6a13572aeb788257363002b62aa/9c561a4628b3c9a44925747f007b19cd?OpenDocument

https://www-secure.symantec.com/connect/videos/allow-and-block-websites-using-symantec-endpoint-protection-firewall

Blocking sites works great.

MCT MCSE-2012 Symantec Technical Specialist (SCTS)

pete_4u2002's picture

blocking download from a specific site , I think it is not possible to achiev through SEP.

Mithun Sanghavi's picture

Hello,

Check this Article:

How to block users to perform download of files with specific extentions using Application and Device Control.

https://www-secure.symantec.com/connect/articles/how-block-users-perform-download-files-specific-extentions-using-application-and-device-con

However I agree, it is not possible to achieve "blocking downloads of files from particular site" through SEP.

However, what you could either do is -

1) As suggested above, block the website OR

2) Apply an Application and Device Control Policy for Hardening Symantec Endpoint Protection (SEP)

http://www.symantec.com/docs/TECH132337

By applying the above policy, it Prevents Internet Explorer (IE) and Firefox from writing code to WINDIR and Program Files, including subdirectories, also prevents Internet Explorer from launching code except in WINDIR and Program Files

Exclusions are already in place for Windows Updates.

Extra care should be used when rolling out this rule.  It has been included in this set due to its power to block threats, but it has consequences that should be considered.  

a.  This rule can interfere with new ActiveX controls, which effectively code Internet Explorer downloads and runs.

b.  Users will no longer be able to run downloaded executables directly from the browser.  Instead they will be required to use Save As to disk before running.

Internet Explorer drive by downloads is a very common threat vector.  This rule prevents many such attacks by blocking access to locations typically written to by threats.  Users also will be unable to download executables to WINDIR or anywhere in Program Files, but can continue to download to the Desktop, My Documents, or Downloads directories.

Check - How the Application and Device Control Hardening policy works

http://www.symantec.com/docs/TECH132307

Hope that helps!!

    Mithun Sanghavi
    Senior Consultant
    MIM | MCSA | MCTS | STS | SSE | SSE+ | ITIL v3

    Don't forget to mark your thread as 'SOLVED' with the answer that best helped you.

    Swapnil khare's picture

    Hi SKP ,

    All above are correct it is possible to have website blocked but not downloading for files for users however this can go as suggestion you may like to post you idea at

    https://www-secure.symantec.com/connect/node/add/idea

     

    Don't forget to mark your thread as 'SOLVED' with the answer that best helped you.

     

    P_K_'s picture

     Download doesn’t only mean downloading files from a site, When we open a webpage even then we download data, images and graphics get downloaded to the TEMP directory. Let’s talk about a hypothetical situation, we are able to block download from a site, in that case you would not be able to see the page properly.

    So thinking of blocking download from a website is not a good idea.

    MCT MCSE-2012 Symantec Technical Specialist (SCTS)

    SOLUTION