Endpoint Administration Guide for Windows › General Security Features › Bypass Drivers

Bypass Drivers

To specify that some drivers can operate without needing to submit operations for CA Access Control authorization checks, define a bypass for these drivers. For example, define a bypass for your antivirus program driver so that it can open files for scanning without CA Access Control authorization checks. Without the bypass, the driver might cause a deadlock with CA Access Control.

Note: A bypass for a current version of Trend Micro™ PC-cillin Antivirus is configured out-of-the-box.

To bypass drivers

1. Set the BypassDriversCount registry entry value to the number of drivers you want to define a bypass for.

   You can find this entry in the FsiDrv key of the CA Access Control registry.

   Note: You must stop CA Access Control before you can change CA Access Control registry entries.

2. For each driver you want to bypass:
   1. Create a registry entry of type REG_SZ named DriverName_drvNumber

      The first entry should be DriverName_0 and the last DriverName_X, where X is BypassDriversCount - 1.

   2. Edit each DriverName_drvNumber entry so that its value is the name of the program driver you want to bypass.

      The value should be the name of the driver only (for example, thisdrv.sys).

3. Restart CA Access Control.

   CA Access Control reloads and bypasses the drivers you defined in the registry.

Example: Bypass Drivers to Resolve Compatibility Issues

This example resolves a compatibility issue an antivirus product has with CA Access Control by defining the antivirus drivers (avDriverA.sys and avDriverB.sys) for bypass. You set registry entries for driver bypass in the CA Access Control registry tree under the FsiDrv key:

HKLM\SOFTWARE\ComputerAssociates\AccessControl\FsiDrv

Set the registry entries as follows:

The BypassDriversCount registry entry value of 2 tells CA Access Control to look for two drivers to bypass. Each DriverName_drvNumber registry entry value defines a driver to bypass.