Summary
This article explains how to setup ShareFile categories to restrict what the user is allowed to do namely downloading, uploading and opening shared documents.
Note: Implementing this solution will only work on the web client, it will not work with ShareFile applications.
Solution
The following will outline the procedure of how to set up custom categories to block uploading, downloading, or accessing shared files in ShareFile.
- Create a new custom category in Guardian > Policy objects > Categories, named for the service you are blocking, for example, ShareFile Uploads.
- Add the following to block the service:
- To block downloads add the following to Domain/URL filtering:
- To block shared documents add the following to URL patterns:
- To block uploads add the following to URL patterns:
- Add the newly created custom category to the Decrypt and inspect policy in Guardian > HTTPS inspection > Manage policies.
- If one does not exist, create a new HTTPS inspection policy with the ShareFile custom category selected as the What, and Decrypt and inspect as the Action.
- Create a new web filter policy (Guardian > Web filter > Policy wizard) with the following attributes:
- Who Everyone*
- What Choose the custom category created in step 1
- Where Everywhere*
- When Always*
- Action Block
sharefile.com/download.ashx
(sharefile\.com\/d-.*)
(sharefile\.com\/upload.*?\.)(?:aspx)
Tip: If required, you can add all three URLs above to a single custom category to block all ShareFile services
Make sure the Enable Policyoption is selected
*You should change these based on your organizational needs.