Prohibit Intercept X Advanced users to download .exe, .scr files

Question

For users, id like to prohibit incoming file data via all applications (outlook,web browser etc.) .exe, .scr or malware injected data files like pdf, jpg, mp3 (stenography) etc. from internet. 
 Can sophos identify and manage it? What kind of policy to do it?

Shweta · Answer

Hi Can carmack 
 You can configure block risky file types under Web control policy > additional security options configure access to advertisements, uncategorized sites, and risky downloads. Kindly refer to this document for more information. When Sophos Anti-Virus/Sophos Intercept X encounters malware it will prevent execution and then attempt to automatically clean the threat.

GIJoe · Answer

Hey Can carmack, 
 Not sure if you're asking if you block the inbound files by type from entering your network of if you're asking if Intercept will block files that contain mailware. So, I'll answer both... 
 Files containing malware - Intercept X won't stop the files from coming into your environment, but when the files are accessed they will be scanned and if containing malware will be blocked/quarantined and cleaned. Intercept has to see the files before it can scan them :) 
 Blocking file downloads/attachments etc - yes and no - you could configure Web Control to block downloads, but that will only apply to files that are downloaded from within a browser. 
 
 You could use a DLP policy to block by file type, but that would also block files being attached to Outlook for internal mail too. 
 If you want to only block data from being downloaded over the internet regardless of application, you would need to leverage other technologies such as firewalls and email gateways. 
 Joe

Prohibit Intercept X Advanced users to download .exe, .scr files

Submitted a Tech Support Case lately from the Support Portal?