https://community.checkpoint.com/t5/General-Topics/Whitelist-Files-in-Threat-Prevention/m-p/185506#M30934 <P>The file type is blocked per your log card, which means it doesn't matter what the MD5 is.<BR />You will need to create an exception similar to:&nbsp;<A href="https://support.checkpoint.com/results/sk/sk137812" target="_blank">https://support.checkpoint.com/results/sk/sk137812</A>&nbsp;</P> Mon, 03 Jul 2023 20:21:03 GMT PhoneBoy 2023-07-03T20:21:03Z https://community.checkpoint.com/t5/General-Topics/Whitelist-Files-in-Threat-Prevention/m-p/184910#M30804 <P>Can you please tell me what the whitelist files in the Threat Prevention policies is for?</P><P>The firewall is blocking a zip file by antivirus blade.<BR />We tried adding the MD5 hash of the file to the whitelist, but the blocking still happens.</P><P>I might be wrong somewhere. Can you tell me what might be the problem with this locking?</P> Tue, 27 Jun 2023 09:10:45 GMT https://community.checkpoint.com/t5/General-Topics/Whitelist-Files-in-Threat-Prevention/m-p/184910#M30804 Oliver_222 2023-06-27T09:10:45Z https://community.checkpoint.com/t5/General-Topics/Whitelist-Files-in-Threat-Prevention/m-p/184994#M30823 <P>Version/JHF?<BR />What blades are active on the gateway?<BR />Screenshots of all relevant logs (with sensitive details redacted)?</P> Tue, 27 Jun 2023 20:44:00 GMT https://community.checkpoint.com/t5/General-Topics/Whitelist-Files-in-Threat-Prevention/m-p/184994#M30823 PhoneBoy 2023-06-27T20:44:00Z https://community.checkpoint.com/t5/General-Topics/Whitelist-Files-in-Threat-Prevention/m-p/185462#M30930 <P>R81.10 / Take 81</P><P># enabled_blades<BR />fw vpn cvpn urlf av appi ips identityServer SSL_INSPECT anti_bot ThreatEmulation content_awareness mon</P><P><span class="lia-inline-image-display-wrapper lia-image-align-inline" image-alt="block log.jpg" style="width: 400px;"><img src="https://community.checkpoint.com/t5/image/serverpage/image-id/21626i46116A732E532F20/image-size/medium?v=v2&amp;px=400" role="button" title="block log.jpg" alt="block log.jpg" /></span></P><P> </P><P> </P> Mon, 03 Jul 2023 14:55:08 GMT https://community.checkpoint.com/t5/General-Topics/Whitelist-Files-in-Threat-Prevention/m-p/185462#M30930 Oliver_222 2023-07-03T14:55:08Z https://community.checkpoint.com/t5/General-Topics/Whitelist-Files-in-Threat-Prevention/m-p/185506#M30934 <P>The file type is blocked per your log card, which means it doesn't matter what the MD5 is.<BR />You will need to create an exception similar to:&nbsp;<A href="https://support.checkpoint.com/results/sk/sk137812" target="_blank">https://support.checkpoint.com/results/sk/sk137812</A>&nbsp;</P> Mon, 03 Jul 2023 20:21:03 GMT https://community.checkpoint.com/t5/General-Topics/Whitelist-Files-in-Threat-Prevention/m-p/185506#M30934 PhoneBoy 2023-07-03T20:21:03Z https://community.checkpoint.com/t5/General-Topics/Whitelist-Files-in-Threat-Prevention/m-p/185572#M30945 <P>I don't quite understand the phrase "it doesn't matter what the MD5 is". What is the reason for this behavior?<BR />We are configured according to "Method B: Allow for only the specific files."&nbsp;<A href="https://support.checkpoint.com/results/sk/sk137812" target="_blank" rel="noopener noreferrer">sk137812</A><SPAN>&nbsp;</SPAN></P> Tue, 04 Jul 2023 12:18:04 GMT https://community.checkpoint.com/t5/General-Topics/Whitelist-Files-in-Threat-Prevention/m-p/185572#M30945 Oliver_222 2023-07-04T12:18:04Z