SonicOS 7.0 Objects

Negative Matching

Negative matching provides an alternate way to specify which content to block. You can enable negative matching in a match pattern when you want to block everything except a particular type of content. When you use the pattern in a policy, the policy executes actions based on absence of the content specified in the match pattern. Multiple list entries in a negative matching pattern are matched using the logical AND, meaning that the policy action is executed only when all specified negative matching entries are matched.

Although all security policies are DENY policies, you can simulate an ALLOW policy by using negative matching. For instance, you can allow email .txt attachments and block attachments of all other file types or you can allow a few types, and block all others.

Negative matching option is not available for all type of match object types. You can find the Enable Negative Matching option for eligible match object types on the Match Pattern Settings dialog box.

Was This Article Helpful?

Help us to improve our support portal

Techdocs Article Helpful form

  • Hidden
  • Hidden

Techdocs Article NOT Helpful form

  • Still can't find what you're looking for? Try our knowledge base or ask our community for more help.
  • Hidden
  • Hidden