

Removable Devices Folder

Edit settings in this folder to protect files being copied to removable devices such as USB drives. These devices can also include SD cards and writable CD or DVD drives.

This folder contains the following settings:

Trusted Application List

These are applications that are exempted from CFSA control. That is, users are permitted to copy files to removable devices using these applications. For example, you may not need to monitor an in‑house system application that always encrypts files when saving.

Add the applications you want to exempt from the CFSA. You must supply the executable or process name, such as Winword.exe.

Note: Trusted applications override any device filters. That is, a user can copy a file directly from a trusted application to a removable device, even if the handling for that device blocks such copy operations or applies policy to the file content.

lsass.exe always included

By default, lsass.exe is always included in this list—see the ‘trusted application’ definition in CFSA terminology.

Anti Virus Programs

If a client machine is protected by an anti-virus program, we recommend that you add the program's process name to the Trusted Application List. For example, add InoRt.exe if the machine is protected by CA eTrust Threat Management.

Treat These Drives As Removable

This setting instructs the CFSA to handle a fixed drive as if it were a removable drive. For example, some external hard disks declare themselves as being a fixed drive when in fact they are easily removable. Ordinarily, the CFSA would not apply policy to files being saved to these drives. To close this loophole, you can explicitly identify these drives as removable.

In the Treat These Drives As Removable setting, you can add the drive letter or the disk drive name (also called the ‘volume identifier’) set by the manufacturer. Drive letters must include a colon (such as D:). Disk drive names are shown in Windows Device Manager (such as IC25N020ATC504).

Note: The CFSA automatically treats writable CD and DVD drives as removable drives.

Default Handling

The handling determines whether a device is writable or read only. This setting controls attempts to copy files to unlisted devices (that is, any device not in the Special Device List). The available actions are exactly the same as the handling for special devices (see below).

Note: If no special devices are listed, the default handling is applied to all devices.

Special Device List

This is a list of removable devices that require specific handling by the CFSA. For example, you identify the devices you want the CFSA to control or the ones you want it to ignore.

In the Special Device List setting, type the names of the devices that require special handling. You can use ? and * wildcards if required. If a device name contains spaces, you do not need to enclose it in quotes.

Where can I find device names?

Device names are shown in the Windows Device Manager applet. You can also see them in Windows Explorer: when you view the properties of a removable drive, the device name is listed on the Hardware tab of the Properties dialog.

Note that Device Manager automatically appends 'USB Device' to device names. You must omit this appended text when you specify the device name in the machine policy or user policy. For example, if Device Manager lists 'Unipraxis DataStick 2.0 USB Device', enter this in the policy as 'Unipraxis DataStick 2.0'.

Handling for Special Devices

This setting determines how the CFSA handles attempts by a user to copy files to any removable device included in the Special Device List. The available actions are:

Allow write access

The user is allowed to copy files to listed devices. Policy is not applied.

Read only

The user is not allowed to copy files to listed devices (unless they are using a trusted application). Policy is not applied.

Apply User Policy To File

If the user attempts to copy a file to a listed device using:

  • A policy-enabled application, policy is applied to the file using Data In Motion triggers.
  • A trusted application, copy operations are always permitted. Policy is not applied to the file.
  • Any other application, the copy operation is blocked; that is, the device is set to read only.
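To make the precedence among these settings concrete, the following Python model (an added example, not part of the product or this documentation) evaluates one copy attempt the way the folder settings describe: a trusted application (lsass.exe always included) wins first, then the Special Device List is matched with ? and * wildcards after dropping the 'USB Device' suffix that Device Manager appends, and any unlisted device falls through to Default Handling. The class, function names and the sample policy are assumptions constructed for the example.

```python
import fnmatch
from dataclasses import dataclass

ALLOW_WRITE = "Allow write access"
READ_ONLY = "Read only"
APPLY_POLICY = "Apply User Policy To File"

@dataclass
class RemovableDevicePolicy:
    trusted_apps: set        # process names, e.g. {"Winword.exe"}
    special_devices: list    # device name patterns, ? and * wildcards allowed
    special_handling: str    # action for devices matching the Special Device List
    default_handling: str    # action for any device not in that list

    def __post_init__(self):
        # lsass.exe is always a trusted application; matching is case-insensitive
        self.trusted_apps = {a.lower() for a in self.trusted_apps} | {"lsass.exe"}

def normalise_device_name(name):
    """Strip quotes and the ' USB Device' suffix that Device Manager appends."""
    name = name.strip().strip("'\"")
    suffix = " usb device"
    if name.lower().endswith(suffix):
        name = name[:-len(suffix)]
    return name.strip()

def handling_for(policy, device_name):
    """Special handling for a listed device, otherwise the default handling."""
    name = normalise_device_name(device_name).lower()
    for pattern in policy.special_devices:
        if fnmatch.fnmatchcase(name, pattern.lower()):
            return policy.special_handling
    return policy.default_handling

def decide_copy(policy, process, device_name, policy_enabled_app):
    """Return (outcome, policy_applied) for one attempt to copy a file."""
    if process.lower() in policy.trusted_apps:
        return ("allowed", False)   # trusted applications override device filters
    handling = handling_for(policy, device_name)
    if handling == ALLOW_WRITE:
        return ("allowed", False)   # writable; policy not applied
    if handling == READ_ONLY:
        return ("blocked", False)   # read only; policy not applied
    if policy_enabled_app:
        return ("allowed", True)    # Data In Motion triggers applied to the file
    return ("blocked", False)       # any other application: device is read only

# Constructed sample policy (not from the product): policy applied to listed devices, others read only
EXAMPLE_POLICY = RemovableDevicePolicy(
    {"Winword.exe"}, ["Unipraxis DataStick *"], APPLY_POLICY, READ_ONLY)
```

With an empty Special Device List, handling_for returns the default handling for every device, which is the behaviour the note under Default Handling describes.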