Blocked files are not downloaded to the proxy, are not subject to any filtering policy, or scanned. In addition, these blocked files do not enter the LAN.

Users will receive a notification (similar to the following image) in their Web browser indicating they cannot download the requested file.

File type is determined by true file type rather than by file-name extension.

If blocking is enabled, the scan setting in Scan these file types will automatically default to All file types.

You can have IWSVA block certain file types for security purposes. For example, you may want to block executable files to be sure no infected files, Trojans, spyware, or other high-risk file type can be downloaded from the Web.

File blocking occurs based on the verified MIME-type. IWSVA checks the true-file type, not just the MIME-type (which can be easily forged) when the Enable MIME type validation check box is checked at HTTP > Advanced Threat Protection > Policies > (Policy Name) | Virus/Malware Scan Rule > Scan These Files Types (if not blocked) > MIME content type to skip > Enable MIME type validation.