Under certain circumstances, CA DataMinder Network can fail to block downloaded documents. This can happen if a user waits one minute or longer before retrying to download a blocked document (for example, by pressing F5 to refresh the Web page).
Why does CA DataMinder Network fail to block the subsequent download attempt? When a user downloads a document from a Web site, CA DataMinder Network tracks the document, passing the document content to a policy engine for analysis but withholding the final segment of the document (technically, the final packet in the data stream) from the user's browser until the policy engine calls back with an instruction to block or allow the download. If the policy engine instructs CA DataMinder Network to block the download, the user's browser sees the connection being reset and informs the user that the document cannot be viewed. However, if the user waits and then retries to download the document, the browser may download just the final segment of the document. If this final segment does not cause a policy trigger to fire, CA DataMinder Network permits it to go to the browser, which can then display the complete document.
Note that CA DataMinder Network is designed to prevent this problem by blocking segments of previously blocked documents, but in each case this information is only cached for one minute. This timeout is necessary in case the document content on the Web server changes so that the document is no longer in breach of policy and does not need to be blocked. However, this method is also reliant on patterns of user behavior whereby a user will retry to download a blocked document as soon as it occurs but is less likely to do so at a later time.
|
Copyright © 2014 CA.
All rights reserved.
|
|