Disable Log without Response Rule

I need a solution

Hi,

I have a policy name is File A with rule to detect by keyword. I want to monitor and block when endpoint copy file A to USB and HTTP/HTTPs so I enable option Removable Device and HTTPS, HTTP on Agent Configuration. I config Response Rule with Endpoint Prevention: Block when any protocol as Removable Device, HTTPS, HTTP, everything is okay.  But I have another policy name File B to classify another file and I want to monitor when it is copied to network file server –> I enable option Copy to Network Share on Agent Configuration. And DLP Agent still sent the log of File A when I copy it to File Server. How can I disable it because I only need log of File B when It is copied to File Server ?

Thank in advance.

0

Related:

  • No Related Posts

Version 14.x Application Control Rules are not working

I need a solution

We use Application Control rules to prevent users installing applications or running executables by limitting applications to run only from the following locations:

%PROGRAMFILES(X86)%..exe

%PROGRAMFILES%..exe

%PROGRAMDATA%..exe

%WINDIR%.*.exe

we also allow certain apps to run from other locations based on their fingerprints. This is preventing executables from trying to run from various places, most notably the users’ AppData folder due to ransomware and other malicious software.

Everything was working fine until we upgraded SEP from 12.x to 14.x

However, we are having problems with version 14.x

For example if a user clicks a hyperlink in an Outlook email and if Internet Explorer is the default browser for hyperlinks, SEP prevents this action. Logs shows that during this process, a randomly named temporary file is created under user’s TEMP folder which is not a permitted location. However this temporary file doesnt have an EXE extension and its name changes everytime. (The similar issue happens when java.exe calls java Updates – both from allowed locations listed above. A randomly named temp file is created under user’s TEMP folder and SEP prevents Java Updates)

We created a case with Symantec and after several months the engineer recommended that we should include user’s TEMP folder in the allowed locations. I tried to explain that using Application Control makes no sense if we are to allow running applications from the TEMP folder. However the engineer insisted this is how it should be done. 

Am I missing something here? or SEP’s application Control feauture is broken and has no use.

Thanks

0

Related:

  • No Related Posts

Client push error.

I need a solution

Unable to client push SEP on other machines. it is possible when i take RDP of the machine and copy the setup and install the endpoint protection.

machine is already in domain. But not able to client push SEP. The error is like “Failed to download and/or install the remote Installation Service. A logon request contained an invalid type value.”

Error: -2   ApiError: 0  Message: Failed to download and/or install the remote Installation Service. A logon request contained an invalid logon type value.

0

Related:

  • No Related Posts

ShareFile Folder Invitations


How can I invite users to sign up for access to a folder on my account?

In order to create or edit a Folder Invite, you must have the Admin permission on the folder you wish to link.

  1. Navigate to the folder you wish to invite recipients to
  2. Access the More Options menu beside the folder name.
  3. Click Create (or Edit) Folder Invite.

Customize the options outlined below.

If you lose your link, you can return to it any time using the above steps.

Title – Shown to the client when they receive the invitation.

Description – Note displayed to client when they receive the presentation. This field can be a maximum of 100 characters.

Max Sign-Ups – Maximum number of times a unique client can use the invitation to sign up for an account.

Link Expires In – Duration of time the Folder Invite link is can be used to sign up for an account.

Notify Folder Admins when invitees sign up – Track which users use the links to sign up for an account.

Folder Access Permissions – Permissions the users will have on the folder once they have signed in.

When you click Create Invitation, a link will be displayed. You may copy this link and paste it wherever you need.

FAQ

If I create a folder invite at a root-level folder, will the user permissions also apply to subfolders in that directory?

Yes. If you do not wish for permissions to be carried into subfolders, you must manage those user permissions on a folder by folder basis.


What will my clients see when they click on the invitation link?

When your clients click on the invitation link, a page will open requesting their name, email address, and company name. If the user has never logged in before, the system will recognize this based on their email address and prompt them to choose a password in a second sign-up screen. If they’re already a user on the account, they will be prompted to enter their ShareFile credentials.

Once the users have signed in, they will be able to see the folder screen with the appropriate permissions.

Can I change the settings on a folder invitation link that I have already sent?

If you would like to edit the settings on an existing invitation link, you can return to it any time using the above steps. under More Options.


The total count of users who have accepted your invitation to access the folder will be listed directly below the Edit Folder Invitation link in the More Options menu. You may also expire the link if it is no longer needed.

Users will not be notified if a Folder Invitation is modified.

Related:

  • No Related Posts

Document not saved and Invalid Disk

I need a solution

I’m having two odd issues.  I have encrytion being done based on Active Directory Groups.  There is a single user in group one that has an issue where some office documents they cannot save, when they try they get “Document Not Saved”.  This is odd because it is only happening to one person in the group and this person can save some files in the encrypted network share but not others.

The second person is trying to rename a folder but gets “Invalid Disk”.  This folder they are trying to rename is at the top level of their encrypted share.  I had them go down one level and try to rename one of those folders and they could without issue.

Some troubleshooting steps I have taken are the following:

– I had both users attempt to complete their task in an unencrypted location.  I also had them try to compmlete their task with the same files/folders in a decrypted state and both situations worked.

– I have compared both users to other users in the group that are not having issues.  All PGP settings and NTFS settings are identical.

– I have removed PGP and its associated folders from the two user’s computers and completely re-installed.  This did not help.

Any thoughts?

0

Related:

  • No Related Posts

File Retention Policy

Overview

The File Retention Policy determines how long files are retained in a specific folder. You can set a default file retention policy for all newly created folders if you are an administrator for the account. To set a policy, click into the root level folder you would like to set the policy on. You have the option to have files deleted 1 day, 7 days, 14 days, 30 days, 60 days, 90 days, 6 months, 1 year or 2 years after they are uploaded.

This applies to all files in the root level folder, as well as all files within the subfolders.

Account-wide default settings can be configured by an account Admin in the Advanced Preferences menu. When changing the account-wide setting, the new setting will only apply to newly created folders and not previous folders in your account.

Retention Policy FAQ

Will I be notified before my policy deletes my files?

Before files or folders are removed, a warning message is shown in the following locations:

User-added image
User-added image

If you set both a folder expiration date and a file retention policy, the most restrictive policy will take effect.

For example, if the folder expiration date is set to one week from today’s date and the file retention policy is set to 30 days then the folders and all its contents will be deleted under the one week policy.

When moving files and folders, they will inherit the new parent/root level folder’s policy.

For example, if you move a file from your File Box into a folder with a retention policy of 90 days, then the file will inherit a expiration date of 90 days from its uploaded date.

When setting a new policy or changing a policy on an existing folder there will be an automatic 7 day warning.

For example, if you uploaded a file six months ago and today set a file retention policy for 30 days, then the file will be set to delete in 7 days to avoid any accidental deletions.

Will the File Retention Policy delete all subfolders?

No – the files contained within the folders will be removed, but the empty folder will remain. To have folders automatically removed, try using a Folder Expiration Date lower down in this article.

What happens to files removed by retention policy?

Files deleted by retention policy stay in recycle bin as per the account policy. It can take up to 48 hours for items to show up in Recycle Bin.

It is possible to customize the retention policy of the Personal Folders section of your account via the Edit Folder Options link. Any changes made to the File Retention policy of your Personal Folders will supersede account-wide File Retention policy settings. If you do not want your users to have this ability, please contact ShareFile Customer Support to have this setting disabled.

Related:

  • No Related Posts

How to Create a Folder and Modify Folder Options

Create a folder to organize the files stored on your account. You have granular control of who can access files stored in a given folder, including the ability to control download and upload permissions.

If you’re looking for information on Folder Options, click here.

Permission Requirements

In order to create a subfolder, you must have upload permissions in the parent folder. To create a folder:

  1. Access the green Action Button and select Create Folder.
  2. Enter a folder name, description (optional) and a drop-down menu to add users.
  3. If you would like to allow other users to access this folder with specific permissions, click the checkbox for Add People to Folder. Leave this box unchecked if you do not wish to add users at this time, or if you plan to add users at a later date.
  4. ShareFile does not allow you to have duplicate folder names on the root of the account or in the same parent folder.
  5. Click Create Folder.
  6. To create a subfolder, repeat the above steps. If you wish to create another folder at the same level as the previous folder, you will need to navigate back to the original folder and repeat these steps.
User-added image

Share Your Folder with Others

Click here for information on how to share your folder with other users.


Create Folders in Bulk

The Bulk Folder Upload is designed for customers who want each of their clients to have their own folder within their account. The Bulk Folder Upload will add your client users to your ShareFile account, provide them with login information, and create folders for each client to access.

Click here to download the Bulk Folder Upload template. Please enter the following information in the provided columns:

  1. EmailAddress
  2. FirstName
  3. LastName
  4. Company
  5. Password (if left blank, the client will receive a randomly generated password)
  6. FolderName

When filling out the spreadsheet do not change the spreadsheet name or any of the column titles. This will cause an error in the upload.

Send the completed spreadsheet to ShareFile Customer Support with the following information:

  • Which root-level folder the new client folders will be created under
  • Who will be the Owner of the new Folders (either you or another Employee)
  • Which permissions and settings the client users should have. These include:
    • Ability to change their passwords
    • Add the user to the company Shared Address Book
    • Users can download from their folders
    • Users can upload from their folders
    • Can delete
    • Users are Folder Administrators
    • Users can receive download notifications
    • Users can receive upload notifications


You will also need to let ShareFile Customer Care know if the Welcome Email should be customized and if you want this sent out to all your new users at one time. Alternatively, you may send out the Welcome Email manually through the Manage Users link in your account.

You may submit the above request directly by clicking here: https://www.sharefile.com/support

Folder Creator vs Folder Owner

When a folder is created by a user, the creator will be listed as the Creator of the folder when viewing the folder as an individual item. Once you have navigated within that folder, you can view the current folder owner in the Folder Access pane at the bottom of the page. If a user created a folder, but has been removed from the account, that user will still be listed as the Folder Creator. However, Folder Owner will be changed when the deleted user’s folders and files have been reassigned to another user.

(The Creator Column denotes the original folder creator)

User-added image

(The current owner of the folder is denoted in the Folder Access pane)

User-added image



Available Folder Options

Folder Options can be accessed in the More Options menu when viewing a folder.




File Retention Policy

The File Retention Policy determines how long files are retained in a specific folder. You can set a default file retention policy for all newly created folders if you are an administrator for the account. To set a policy, click into the root level folder you would like to set the policy on. You have the option to have files deleted 1 day, 7 days, 14 days, 30 days, 60 days, 90 days, 6 months, 1 year or 2 years after they are uploaded.

This applies to all files in the root level folder, as well as all files within the subfolders.

Account-wide default settings can be configured by an account Admin in the Advanced Preferences menu. When changing the account-wide setting, the new setting will only apply to newly created folders and not previous folders in your account.

Will I be notified before my policy deletes my files?

Before files or folders are removed, a warning message is shown in the following locations:

User-added image
User-added image

Retention Policy FAQ

If you set both a folder expiration date and a file retention policy, the most restrictive policy will take effect.

For example, if the folder expiration date is set to one week from today’s date and the file retention policy is set to 30 days then the folders and all its contents will be deleted under the one week policy.

When moving files and folders, they will inherit the new parent/root level folder’s policy.

For example, if you move a file from your File Box into a folder with a retention policy of 90 days, then the file will inherit a expiration date of 90 days from its uploaded date.

When setting a new policy or changing a policy on an existing folder there will be an automatic 7 day warning.

For example, if you uploaded a file six months ago and today set a file retention policy for 30 days, then the file will be set to delete in 7 days to avoid any accidental deletions.

Will the File Retention Policy delete all subfolders?

No – the files contained within the folders will be removed, but the empty folder will remain. To have folders automatically removed, try using a Folder Expiration Date lower down in this article.

What happens to files removed by retention policy?

Files deleted by retention policy stay in recycle bin as per the account policy. It can take up to 48 hours for items to show up in Recycle Bin.

It is possible to customize the retention policy of the Personal Folders section of your account via the Edit Folder Options link. Any changes made to the File Retention policy of your Personal Folders will supersede account-wide File Retention policy settings. If you do not want your users to have this ability, please contact ShareFile Customer Support to have this setting disabled.



Folder Expiration Date

Items deleted via Expiration Policy cannot be restored from the Recycle Bin. To set a specific date on which a folder and all files contained within it are deleted:

  1. Access the folder you wish to delete.
  2. Access More Options beside the folder name and select Advanced Folder Settings.
  3. Under Folder Expiration Date, use the calendar or date format to specify the expiration date.
  4. Save.



Sort Files in a Folder

Files can be sorted by clicking on any header within the folder. The options are by Title, Mb, Uploaded date, or Creator. Folder Admins can change the default sort order in the Advanced Folder Options menu. Account Administrators can set account-wide sorting defaults in the Admin Settings section of their account, in Advanced Preferences.

Related:

Detection rule off HKEY_CURRENT_ User

I need a solution

I have a detection rule “Registry Key Value” this is looking for:

Registry Key Path: HKEY_CURRENT_USERSoftwareMeditechWrkstnMEDITECH_A

Registry entry: I

Registry Value: MEDITECH_A.chchealth.net

I also have the policy set to run as the current logged on user

One user does have the this reg entry but when logged in as users who don’t have the detection rule still comes back with a success and the policy does not run, any idea why? It seems like its still searching the entire hive instead of just the current user

0

Related:

  • No Related Posts