FTP usage will be limited by the following restrictions:
transmission of music files in the MP3 format will be denied
transmission of video files (*.avi) will be denied during labor time
uploads (storing files at FTP servers) will be denied protection of important company information
Go to Configuration / Content Filtering / FTP Policy to set FTP limitations. The following rules are predefined rules and can be used for all intended restrictions.
This rule denies resuming interrupted data transfer (e.g. caused by a network error). If files transmitted by FTP are scanned, it is recommended to enable this rule (files transmitted in pieces cannot be reliably scanned).
Deny storing data at FTP servers this rule is already defined and it is satisfactory to switch it on if you intend to use it.
This option denies transmission of sound files of the listed formats. This rule is already available and it can be enabled easily.
This rule will deny transmission of video files. Enable this rule, use the Edit button to open the appropriate dialog and define the Labor time time range in the Advanced tab.
Warning: The FTP policy refers to all FTP traffic that is processed by the FTP protocol inspector.
In the following example, we intend to enable the local FTP server from the Internet. The Forbid upload rule denies even upload to this server which is not always desirable. For this reason we must add a rule that would enable upload to this server before the Forbid upload rule.
Notes:
The IP address of the host where the appropriate FTP service is running must be used to define the FTP server\'s IP address. It is not possible to use only the firewall\'s external IP address from which the FTP server is mapped (IP translation is performed before content filtering rules are applied)!
The same method can be applied to enable upload to a particular FTP server in the Internet whereas upload to other FTP servers will be forbidden.