Endpoint Administration Guide for Windows › Monitoring and Auditing › Events Interception › Interception Modes
Interception Modes
Based on the interception mode, CA ControlMinder intercepts, checks for authorization, and logs audit records of access request events. CA ControlMinder has the following modes of interception:
- Full Enforcement mode Full Enforcement mode is the normal operation mode for CA ControlMinder. In this mode, CA ControlMinder intercepts events and enforces the access rules written to the database.
- Audit Only mode Audit Only mode records all intercepted events without checking or enforcing access rules.
- No Interception mode No Interception mode disables CA ControlMinder event interception. In this mode, CA ControlMinder does not intercept events or enforce access rules.
Note: Warning mode Warning Mode is a property that you can apply to a resource, and an option that you can apply to a class. If Warning mode is applied to a resource or a class and an access violates an access rule, CA ControlMinder writes an audit log entry with the return code W, but permits the access to the resource. If a class is in Warning mode, all the resources in that class are in Warning mode. is not an interception mode; it works in Full Enforcement mode only and is designed for short term use during implementation.
|
Copyright © 2013 CA.
All rights reserved.
|
|
