Saving Files to Removable Devices, Writable CD Drives or Network Folders

Deployment Guide › Client Agents: File and Print › About the Client File System Agent › What Filters Does the CFSA Use? › Saving Files to Removable Devices, Writable CD Drives or Network Folders

Saving Files to Removable Devices, Writable CD Drives or Network Folders

The CFSA process is summarized below and in the flow chart 'Removable devices, CD drives, network folders'.

Trusted Application filter: First, the CFSA checks which application the user is using. If this is:
- A ‘trusted application’ as defined in the local machine policy, the user is allowed to copy or save the file. No further policy is applied.
- Any other application, the CFSA checks the policy handling for the target device or network location and applies the device filter or network filter.
Device filter or Network filter: These filters, which also apply to writable CD and DVD drives, are defined by the ‘handling’ for removable devices and network locations. The available handling options are defined in the local machine policy:
- Allow write access: That is, users can always save files to this device, CD drive or network location.
- Set to read only: Users are blocked from saving files to this device, CD drive or network location.
- Apply user policy: If the user is using a policy‑enabled application to copy, save or burn a file, the CFSA applies Data In Motion triggers to the file or document (see step 3). If the application is not policy-enabled, the CFSA blocks the file operation.
You can configure default handling for unrecognized devices or network locations and custom handling for ‘special devices’ and ‘special locations’.
Policy-enabled Application filter: These are applications that the CFSA can integrate with to apply user policy. If a user copies or burns a file using a policy-enabled application and the device or location handling is set to ‘apply user policy’, the CFSA applies Data In Motion triggers to the file.
Important! The only policy-enabled applications recognized by the CFSA in the current release are Windows Explorer (including drag and drop copying) and DOS commands such as copy and xcopy.
User policy filter: If a user saves, copies or burns a file using a policy-enabled application and the device or location handling is set to ‘apply user policy’, the CFSA applies Data in Motion triggers to the file or document being copied. These triggers analyze the file’s properties and text content, and can even apply a further device filter. The results of this policy processing determine whether the CFSA blocks or allows the file operation.

More information:

CFSA Terminology

CFSA Flow Chart: Removable Devices, CD Drives, Network Folders

Email CA Technologies about this topic