SRX Services Gateway
Highlighted
SRX Services Gateway

To Block Password protected PDF File

‎05-06-2020 11:19 PM

Hello, 

 

Is there a way to block upload/download of Password protected PDF file. 

 

Thanks,

Hari. 

6 REPLIES 6
Highlighted
SRX Services Gateway

Re: To Block Password protected PDF File

‎05-06-2020 11:51 PM

Hi Hari, 

 

Greetings, 

As per my understanding, you can block the pdf extension type using the UTM block-extension list in the feature-profile settings. There would be no difference between pdf and password protected pdf in terms of extension as such and so it would not be possible as per my understanding. 

 

Please mark "Accept as solution" if this answers your query. 

 

Kudos are appreciated too! 

 

Regards, 

Sharat Ainapur

Highlighted
SRX Services Gateway

Re: To Block Password protected PDF File

[ Edited ]
‎05-07-2020 12:24 AM

Hi Sharat, 

 

By using block-extension, it would block PDF files. Is there a way to block only password protected PDF. 

 

Moreover, what I have observed is block-extension is blocking only http/https downloads but not the uploads.

 

Thanks,

Hari. 

Highlighted
SRX Services Gateway

Re: To Block Password protected PDF File

[ Edited ]
‎05-07-2020 12:33 AM

Hi Hari,

 

The document link gives a detailed explanation about all possible ways in which you can achieve Unified Threat Management:

https://www.juniper.net/documentation/en_US/junos/topics/topic-map/security-utm-overview.html#id-uni...

 

Starting with Junos OS Release 18.2R1, the following commands under the [edit security utm feature-profile] hierarchy level are deprecated.

 

Before you can configure most UTM features, you must first configure the custom objects for the feature in question. Custom objects are global parameters for UTM features. This means that configured custom objects can be applied to all UTM policies where applicable, rather than only to individual policies.

 

The below document gives you an example configuration of content filtering custom objects:

https://www.juniper.net/documentation/en_US/junos/topics/topic-map/security-utm-content-filtering.ht...

 

Example config snippet:

{primary:node0}[edit security utm]

root@SRX550-Node0# show

custom-objects {

       filename-extension {

             Extension-List {

                  value [ pdf swf js ];                             >>>> in your case you can just use pdf

             }

       }

       protocol-command {

             GET {

                   value GET;

              }

        }

}

feature-profile {

      content-filtering {

            profile Content-Filtering {

                  permit-command GET;

                  block-extension Extension-List;

                  block-content-type {

                          active;

                          java-applet;

                          exe;

                  }

             }

       }

}

utm-policy Content-Filter-Policy {

        content-filtering {

              http-profile Content-Filtering;

         }

}

 

You can block uploads by using HTTP Content Filter. Please refer the below KB:

https://kb.juniper.net/InfoCenter/index?page=content&id=KB26837&cat=FILTERING_D0E41470&actp=LIST&sho...

 

With respect to limiting this to password-protected files specifically, I am not sure if we can do that! This is the closest I could get, to match your requirements. 🙂

 

Hope this helps. 

 

Please mark this "Accepted solution" if this solves your query.

Kudos would be much appreciated as well 🙂

Highlighted
SRX Services Gateway

Re: To Block Password protected PDF File

‎05-07-2020 12:56 AM

 

Hi bmanvita , 

 

Thank you for sharing the information. With the help of extensions, it would block PDF files.

I am specifically looking for password protected files. 

 

Thanks,

Hari. 

Highlighted
SRX Services Gateway

Re: To Block Password protected PDF File

‎05-07-2020 01:15 AM

Hi Hari,

 

As already explained, content-filtering works using the extension .pdf which is same for password protected as well as non protected. So there is no way for SRX to differentiate if it is password protected or not using content-filtering.


To keep it short, it is not possible to block specifically password protected pdf files.

 

Hope this helps.

 

Thanks and Regards,

Pradeep Kumar

Highlighted
SRX Services Gateway

Re: To Block Password protected PDF File

‎05-07-2020 08:43 PM

Hi Pradeep, 

 

Thank you for sharing the information. 

 

Thanks,

Hari. 

Feedback