How to disable downloading .exe files but save update ability for google chrome and other?
How to disable downloading .exe and other potentially dangerous files but save update ability for google chrome and other programs?
It’s possible by creating new DLP policy with *.exe file restriction but it also block updates for valid programs.
It would be ideal to analyze the downloadable files on the mime types, the presence of the MZ label at the beginning of files but allow the update files for installed programs.
I found this topic: https://forum.fortinet.com/tm.aspx?m=98373
But it is already from 2013...