SafenSoft: proactive protection against malware and insider threats

Tel.: + 7 (495) 967-14-51   |   Contacts   |   Site map
 
 
Products
eStore
Downloads
Support
Partners
Company

File System

 Index |   << PreviousNext >>

The File system protection scope encompasses those access rules that deal with file system objects:

•        Reading a file or a folder.

•        Creating or Changing a file or a folder.

•        Deleting a file or a folder.

 

Masks (asterisks) can be used to create activity control rules for the file system objects of the same type or with similar names. Using masks you can easily filter the data to be protected.

 

Actions

1.Choose Activity policy in the context menu.
 

65

 

2. Switch to Common rules tab in the Application control policy window. Select the File system protection scope from the drop-down list.

 

136

 

3. Expand Drive C:\ tree and select No masks (press Ins to add the mask) parameter.

 

166

 

4. To set access rules for the group of objects with similar names or with same extension, Press Ins (Insert) button and enter the regular expression for the full file or folder name (including path to the object). Following masks can be used:

 

#*# - replaces any number of characters, except '\'

#**# - replaces any number of characters

#0# - equivalent to the comparison with zero byte

#?# -  replaces 1 character

 

5. For example, to set access rules for all files on the drive C:\ which have log in the file name and have .TXT extension: Press Ins (Insert) button and add following mask: #**#log#**#.TXT

 

NOTE

For the created mask:

•        Check the Read checkbox in order to protect all TXT files from reading by applications. This will automatically block changing and deletion of the TXT files.

•        Check the Write checkbox to protect all TXT files from creation and altering by applications.

•        Check the Delete checkbox to protect all the TXT files from being deleted.

 

6. Right click in the Use for column to change the group of applications which will be affected by the activity control rule:

•        All – the rule will be applied to all applications

•        Trusted – the rule will be applied to known/trusted applications, which are present in the system profile

•        Restricted - the rule will be applied to potentially dangerous – restricted or unknown applications, which are not present in the system profile

 

7. Right click in the Use for column and choose Additional item.

 

168
 

 

8. Change following settings in the Additional window:

Users – select the users to be controlled by the rule

 

139
 

Time – set time periods for the rule to be active. The rule will be active at all times by default

 

140

 

Exceptions – select applications to be excluded from the rule

 

141

 

7. Click on OK button in the Additional window to save changes

 

8. Click on OK or Apply button in the Common rules tab to save new rule and to update Application control policy.

 

167

 

 
1.Choose Activity policy item in the context menu.
 

65

 

2. Switch to Common rules tab in the Application control policy window. Select the File system protection scope from the drop-down list.

 

136

 

3. Select a file system object in the tree and

 

Check the Read checkbox in order to protect the file from reading by applications. This will automatically block changing and deletion of the file.

 

Check the Write checkbox to protect the file object from creation and altering by applications.

 

Check the Delete checkbox to protect the file object from being deleted.

 

137
4. Right click in the Use for column to change the group of applications which will be affected by the activity control rule:

 

All – the rule will be applied to all applications

 

Trusted – the rule will be applied to known/trusted applications, which are present in the system profile

 

Restricted - the rule will be applied to potentially dangerous – restricted or unknown applications, which are not present in the system profile

 

 

5. Right click in the Use for column and choose Additional item.

 

138
 

6. Change following settings in the Additional window:

 

Users – select users to be controlled by the rule

 

 

139

 

Time – set time periods for the rule to be active. The rule will be active all the time by default

 

 

140
 

Exceptions – select applications to be not affected by the rule

 

141

 

7. Click on OK button in the Additional window to save changes

 

8. Click on OK or Apply button in the Common rules tab to save new rule and to update Application control policy.

 

142

 

 

© SafenSoft, 2004-2011. All rights are reserved. License Agreement | Press Center | Awards | Contacts | Search | Site map | RSS

Host-based Intrusion Prevention System (HIPS) | The best virus protection | Application whitelisting | Application Integrity Control | Comprehensive Malware Protection | Application protection | Windows Startup / Registry Protection