Sandboxed files not downloading

Anyone else having issues with the Sandbox where files don’t download?
It seems to be guaranteed to fail if downloading a number of individual files from Wetransfer as a zip.
It takes just over 10 minutes before finally getting redirected back to Wetransfer at which point their dynamic link has timed out and the file is no longer available.
Similar issues experienced with files hosted on AWS.

It seems that the main problem is that the sandbox service is just too slow.

Hi Tony,

There are a few ways to manage how a file download attempt is treated when it is also being analyzed by Zscaler Cloud Sandbox. Have you reached out to Zscaler Support via https://help.zscaler.com/submit-ticket on this case yet? If not, I would encourage that as they would be best equipped to troubleshoot the cases you have experienced and provide feedback on how to optimize your policy.

In short though, a file is generally analyzed by Cloud Sandbox only if it has never been seen before, has passed other security engines already without a clear verdict, and only if it is suspicious in nature. In your case, it seems that the file was temporarily quarantined, and after that, the dynamic link had expired. If that is the case, the user may need to re-authenticate the download request. If it is the same file, it will not be held a second time, and should be available for download, assuming it was not found malicious.

It is also possible to set granular policy on how to treat files that are being analyzed in Sandbox for the first time. Read more here https://help.zscaler.com/zia/configuring-sandbox-policy for the “First-Time Action”. Let us know if this helps.

Jozef K

1 Like

I would suggest you look at “Allow and scan” instead of “Quarantine”.
We have a very strict policy where we want to Quarantine everything.
We use a Custom URL Category to define which URLs hit the allow and scan policy if they behave in the way you are suggesting.