Block Files Extensions
On The Firewall
An easy win to help prevent malware, spyware and crypto ware
into your environment is blocking dangerous file extension on your firewall. Most
modern firewalls offer the ability to block file extensions.
Most modern firewalls offer the ability to create a list of
file extensions you do not want to allow and they tie that list to a rule. What
I like to do to provide flexibility if you need to make exceptions, is to add
user identification to the firewall rule along with URL categories. The reason
I do that is it provides the flexibility to allow the ability to download files
from trusted or allowed URL categories.
Why do I do that? Certain applications such as WebEx or GoToMeeting
require you to download an exe if you want to join a meeting, you can allow
that category so you are not busy creating and maintaining URL whitelist.
Once you have this implemented, you will find that your machines
affected with viruses will go down and your virus scanner will generally find
Putting this in place is relatively easy and it will save in
support costs and time in the long run. If you have not done this already, I
highly recommend that you look at implementing it on your firewall’s.