Data In Motion triggers include general settings that let you specify which types of data you want the CFSA, CPSA, or Client Network Agent to detect. This section focuses on the key Data In Motion settings for the CFSA.
In each Data In Motion trigger, this setting instructs the trigger to analyze files or documents captured by various CA DataMinder agents.
Verify that the following sources are selected:
You must select this agent if you want to analyze files being copied to removable devices, network locations, or sync folders in Windows Explorer.
(Optional) Select this agent if you also want to analyze files being copied to file sync websites such as DropBox.com.
(Not applicable to file sync operations and files copied to network folders. To specify network locations, edit the Top Level File Lists settings.)
Note: Depending on the Which File Sources? setting, the Targets settings can specify lists of removable devices, printer names, network folders, URLs, or writable CD drives.
For the CFSA, you can specify lists of included or excluded devices. These lists are similar to the Special Device List settings in machine policy.
Type the names of the devices that you want to include or exclude. Use ? and * wildcards if required. If a device name contains spaces, you do not need to enclose it in quotes.
If you set up the trigger to use:
Device names are shown in the Windows Device Manager applet. You can also see them in Windows Explorer. When you view the properties of a removable drive, the device name is listed in the Hardware tab of the Properties dialog.
You can also check device names in Windows Device Manager. Note that Device Manager automatically appends 'USB Device' to device names. You must omit this appended text when you specify the device name in the machine policy or user policy. For example, if the Device Manager lists 'Unipraxis DataStick 2.0 USB Device', enter this in the policy as 'Unipraxis DataStick 2.0'.
All Data In Motion triggers include Top Level File Lists. Use these lists to detect normal files or zip files, or files in network locations.
Edit these lists to identify the names of files that you want to apply policy to. For example, you can specify:
For each trigger, choose whether to use an Included, Excluded or Ignored file list.
You also use this setting to specify UNC network paths. This path must use a fully qualified domain name (FQDN). Use a wildcard to detect all files in the specified folder. For example:
\\UX-FILESVR-01\New Project\Reports\*.*
If a path contains spaces, you do not need to enclose it in quotes.
If required, Data In Motion triggers can look for files contained within a zip file or embedded in a master file. To do this, edit the Individual/Embedded File Lists. For each trigger, you can choose to use an Included or Excluded file list.
Using these lists in conjunction with the Top Level File Lists, you can feasibly search all .zip files for a specific file. For example, set Included Top Level Names to *.zip and Included Individual/Embedded File Names to *.doc to search for all .doc files contained within .zip files.
In each Data In Motion control action, the Intervention setting determines how the CFSA handles files being copied to removable devices, network locations, or sync folders. The available options include Block, Warn, Inform, Categorize and Encrypt (the user must supply a decryption password).
Note: The CFSA cannot encrypt files being copied to network locations.
|
Copyright © 2014 CA.
All rights reserved.
|
|