Skip to main content

Netskope Help

File Type Detection

Note

If you do not see this option in our account, contact Support to enable this feature.

The File Type Detection capability allows admins to configure policies to allow or block files based on a specific category (e.g. binary or executable) or file type (e.g. Android Package Kit). Optionally, admins can send files for deep analysis using DLP or Threat Protection Profiles or create Real-time Protection policies to ensure the content of files are checked to avoid data exfiltration or malicious files.

Add a File Type Criteria and Constraint

Use the file type criteria and constraint in a policy to restrict upload or download of various types of files or category of files. 

  1. Create a Real-time Protection policy or edit an existing policy. To learn more: Real-time Protection Policies

  2. Click Add Criteria & Constraints and select Activity Constraints > File Type.

    selecting-file-type-activity-constraint.png
  3. Select whether a file should match or does not match the conditions specified.

    selecting-match-does-not-match-file-types.png
  4. Click Select File Type to make file category or file type selections.

    select-file-type-option.png
  5. The Select File Type window displays. You can select a category or click the magnifier to view and select the file types within the category.

    selecting-file-type-categories-and-specific-file-types.png
  6. Optionally, click Categories to return to the Category list without making any changes.

    file-type-select-categories-return.png
  7. Optionally, select the File Type Not Detected category if your file category is an unknown file type or doesn’t fall into an existing categorization. Scroll to the bottom of the list to view this category.

    file-type-not-detected-category.png
  8. Configure the Profile & Action.

  9. Add a policy name.

  10. Click Save.

View generated alerts in the Skope IT application event details.

Add a File Size Criteria and Constraint

Use the file size criteria and constraint in a policy to restrict the size of various types of files or categories of files that users can upload or download.

  1. Create a Real-time Protection policy or edit an existing policy. To learn more: Real-time Protection Policies

  2. Click Add Criteria & Constraints and select Activity Constraints > File Size.

    selecting-file-size-activity-constraint.png
  3. Select whether a file should match or does not match the conditions specified.

    selecting-match-does-not-match-file-size.png
  4. Select an operator for the File Size criteria.

    select-file-size-operator.png
  5. Enter a value and select the unit of measurement for the File Size criteria. You can enter up to 1.999 GB for the file size.

    configure-file-size-value-unit.png
  6. Configure the Profile & Action.

  7. Add a policy name.

  8. Click Save.

Skope IT Application Event Details

Navigate to Skope IT > Application Events to view alert details.

Real-time Protection Policy Migration

Admins must migrate any existing policies to the new file type options, because the old file type options will be deprecated. The new options provide more comprehensive detection.

Netskope has provided suggestions for updating all your existing policies that need to be migrated, including suggestions for new file types to replace your policies’ old file types. These suggestions are available for admins to review and take action on.

Note

Admins must verify the migration suggestions (wizard) before applying to ensure accuracy. Keep in mind that once the migration is complete, you can’t roll back the policies.

Navigate to Polices > Real-time Protection, and then click Review Suggestions. A wizard will guide you through the migration suggestions. You can accept the suggestions or make new file type choices.

migrate_policy.jpg