Filtering Content of Gateway and CDS Files
Files passing through gateways or security systems are checked for unwanted or harmful content.
Plain language
When files go in and out of your organisation through online systems, they need to be checked for harmful or unwanted content. This is important because if harmful files slip through, they can introduce viruses, steal information, or cause other serious damage, much like letting germs into a clean environment.
Framework
ASD Information Security Manual (ISM)
Control effect
Preventative
Classifications
NC, OS, P, S, TS
ISM last updated
Feb 2022
Control Stack last updated
19 Mar 2026
E8 maturity levels
N/A
Official control statement
Files imported or exported via gateways or CDSs undergo content filtering checks.
Why it matters
Without gateway/CDS content filtering, imported or exported files may carry malware or hidden data, leading to compromise, leakage, or disruption.
Operational notes
Apply gateway/CDS file-type allowlists and AV/sandbox scanning; tune filters for macros/archives, and investigate blocks/alerts in transfer logs.
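The allowlist and macro/archive checks from the operational notes, as an added example (not ISM text and not any gateway product's code). The allowlisted types, the limits, and the names `ALLOWED`, `check_file`, `make_zip` and the verdict strings are assumptions chosen for illustration; AV/sandbox scanning would run in addition to this check.

```python
import io
import zipfile

# Assumed allowlist: extension -> magic bytes the content must start with.
ALLOWED = {
    ".pdf": b"%PDF-",
    ".docx": b"PK\x03\x04",
    ".zip": b"PK\x03\x04",
}
MAX_DEPTH = 2            # assumed limit on nested archives
MAX_MEMBER = 20 * 2**20  # assumed cap on declared uncompressed size (bytes)


def check_file(name, data, depth=0):
    """Return (verdict, reason); verdict is 'allow' or 'block'."""
    ext = "." + name.rsplit(".", 1)[-1].lower() if "." in name else ""
    magic = ALLOWED.get(ext)
    if magic is None:
        return "block", f"type {ext or '(none)'} not on allowlist"
    if not data.startswith(magic):
        return "block", f"content does not match {ext}"
    if magic != b"PK\x03\x04":
        return "allow", "type and content match"
    # ZIP-based formats: inspect members for macros and nested files.
    if depth >= MAX_DEPTH:
        return "block", "archive nesting too deep"
    try:
        with zipfile.ZipFile(io.BytesIO(data)) as zf:
            for info in (i for i in zf.infolist() if not i.is_dir()):
                if info.file_size > MAX_MEMBER:
                    return "block", f"{info.filename}: oversized member"
                if info.filename.lower().endswith("vbaproject.bin"):
                    return "block", f"{info.filename}: VBA macro project"
                if ext == ".zip":  # plain archive: every member must pass too
                    verdict, why = check_file(info.filename, zf.read(info), depth + 1)
                    if verdict == "block":
                        return "block", f"{info.filename}: {why}"
    except zipfile.BadZipFile:
        return "block", "malformed archive"
    return "allow", "type and content match"


def make_zip(members):
    """Build a constructed sample archive in memory (test input only)."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        for member, content in members.items():
            zf.writestr(member, content)
    return buf.getvalue()
```

Each block verdict and its reason is what would be written to the transfer log for investigation.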
Implementation tips
- The IT team should establish a procedure to filter files: Define the types of harmful content (like viruses or inappropriate material) that need to be blocked. Use software that automatically checks files against this list before they enter or leave your organisation.
- The IT manager should set up and test the content filtering system: Choose software or a service that scans files and stops harmful content. Make sure it’s tested by trying to filter a file with known threats and see if it stops them effectively.
- The office manager should train staff on file handling: Explain to employees why files need filtering and how to follow correct file saving and transferring procedures. Guide them on what to do if they suspect a file is harmful.
- Procurement should ensure vendors provide secure file transfers: When selecting cloud or software services, require them to have built-in file filtering systems and obtain a summary of how they protect file integrity.
- HR and IT should create a reporting policy for suspicious files: Establish an easy way for staff to report any file they think might be unsafe. Encourage them to use this system and provide feedback on how it works.
Audit / evidence tips
- Ask: content filtering policy: Request the document that explains the standards and procedures for filtering files at gateways
  Good: will have a comprehensive policy updated within the last year
- Ask: logs from the filtering system: Request records showing how files have been processed and any harmful content detected or stopped
  Good: will show regular activity and a log of incidents and their resolutions
- Ask: to see the training materials on content filtering: Request documentation or slides showing staff training sessions
  Good: includes recent dates of training and regular updates based on new threats
- Ask: reports on the effectiveness of file filtering software: Request recent evaluations or audits of the filtering system’s performance
  Good: provides evidence of regular testing and adjustment based on feedback
- Ask: a list of vendors’ security credentials: Request verification documents from service providers on their content filtering practices
  Good: shows recognised and recent certifications
Cross-framework mappings
How ISM-0659 relates to controls across ISO/IEC 27001, Essential Eight, and ASD ISM.
ISO 27001
| Control | Notes | Details |
|---|---|---|
| Partially overlaps (2) | | |
| Annex A 8.12 | ISM-0659 requires content filtering of files traversing gateways or CDSs to prevent harmful or unauthorised content being imported/exported | |
| Annex A 8.23 | ISM-0659 requires that files imported or exported via gateways or cross domain solutions (CDSs) undergo content filtering checks to detec... | |
These mappings show relationships between controls across frameworks. They do not imply full equivalence or certification.