Click to watch a video about Malware Protection, including how to configure the security exceptions

You can configure security exceptions for the Malware Protection policy, including placing URLs on an allowlist and controlling unscannable or password-protected files.

To configure security exceptions for the Malware Protection policy:

1. Go to Policy > Malware Protection.
2. Click the Security Exceptions tab.
3. In the Security Exceptions tab:
   • Password-Protected Files: Allow or Block users from uploading or downloading password-protected files. These files are allowed by default.

The Zscaler service doesn’t scan the content of password-protected files, whether or not these files are allowed.

• Unscannable Files: Allow or Block users from uploading or downloading files that the Zscaler service is unable to scan. This might occur if the file is an unrecognized file format, an excessive size, or recursively compressed. Unscannable files are allowed by default. If you block users from uploading or downloading unscannable files, the service launches the file upload or download and scans the file. The following rules apply when using the Unscannable Files setting:
  • The Zscaler service supports files up to 400 MB for Malware Protection scans. The Zscaler service does not scan files that exceed that limit.
  • If a file is within the size limit, it is allowed or blocked based on Malware Protection policy settings. If the file can't be scanned, it will be blocked, and any subsequent upload or download attempts are blocked. The service then displays an end user notification to prevent users from uploading or downloading it.
  • If a file exceeds the size limit and the Zscaler service can identify the file type, then the file is allowed or blocked based on File Type Control policy.
  • If a file exceeds the size limit and the Zscaler service cannot identify the file type, then users can download but cannot upload the file.
• Do Not Scan Content from these URLs: Enter the URLs you want to allowlist for malware protection and click Add Items. You can enter multiple entries by hitting Enter after each entry. You can add up to 1,024 URLs. To learn more, see Ranges & Limitations. For guidance on entering URLs, see URL Format Guidelines. For item lists, you can view up to 500 items on a page; filter the list by searching for a word, phrase, or number contained in an item; and remove the first 25K items from the list (Remove 25K Items) or only items from a specific page (Remove Page). If you select Remove 25K Items or Remove Page, a confirmation window will appear.

This allowlist also applies to the Advanced Threat Protection and Sandbox policies. If you want to allowlist URLs and files completely, you must also configure the URL Filtering and File Type Control policies. To learn more, see Adding URLs to the Allowlist.

See image.

4. Click Add Items.
5. Click Save and activate the change.