We are behind a paloalto pa-500. Software version 6.0.5, Global Protect Agent 1.2.4.
We wish to block the download of certain file types that are within ZIP files. For example, we have a rule to block the download of .exe files but we also wish to block the download of .exe files that are sitting with a ZIP file. When a rule to block the download of ZIP files is added this also blocks the download of Office files that are Office 2007 format or later. This is because they use a file format that has some compression.
Previously we used a Watchguard firewall and it was possible to block the download of ZIP files on this device. On this device the block on ZIP file downloads did not affect the download of Word or Excel files.
So, my question is, does anyone know how to block the download of ZIP files on a Paloalto without also blocking the download of Word and Excel files ?
Thank in advance for any useful info.