Rules
      Back to home
      1. Vali Cyber Knowledge Base
      2. ZeroLock®
      3. Rules

      How to Create and Apply a File Access Rule

      File access rules allow the system administrator to limit the actions performed on a system file and by whom.

      Rule Creation 

      1. To create a File Access rule, from the ZeroLock® Management Console (ZMC), go to Dashboard | Control Policies | Rules. Under the Actions drop-down menu, select Add New Rule
        Step_1_Add New Rule_v4.1.10

      2. On selecting Add New Rule, the New Policy Rule screen will appear.  Using the variety of features offered for this Rule Type, craft a rule that fits the exact File access control action you want ZeroLock® to monitor.  Once the File Access Rule is properly configured, click the Create button.Step_2_New Policy Add Rules_v4.1.10-2Step_2_New Policy Rule Fields Numbered_v4.1.10Step_2_Field Explanation Table_v4.1.10
      3. The newly created rule appears as the last rule created.Step_3_Showing Rule Created_v4.1.10_KB


      Note: Fields with an * only appear when Block Operation is selected.

       

       

      Add New Policy

      Before implementing a rule on an endpoint, it must first be applied to a policy.

      1. Navigate to the Control Policies | Policies page.  Then select the Add New Policy button.Step_1_Add New Policy_v4.1.10

      2. On the New Policy dialog box, enter a name and description. To add the new File access rule, click the Add Rules button.Step_2_Add Rules_v4.1.10
      3. Selecting the Add Rules button opens the Policy Rules screen from which you select the rule(s) you want for the policy.
        Step_3_Policy Rules List_v4.1.10_KB

         

      4. Select the File Access rule, then click Add Selected, which returns you to the New Policy screen.  Select Create to complete the new policy creation process.

      Note: Instead of scrolling to the bottom of the entire list of rules, sorting by ‘File Type’ will only list the rules of that type.

      Step_4_Rule added Create_v4.1.10

      Create a New Configuration Profile

      The policy must be added to a Configuration Profile to apply the new File Access policy to an endpoint.

      1. Navigate to the System Configuration | Config Profiles page, where you will click the Add New Profile tab.Step_1_Add New Profile tab_v4.1.10
         
      2. On the next screen, enter a name and description for the configuration profile you are creating.  Select File Access Policy from the default drop-down menu in the Default Control Policy box, then click CREATE.Step_2_New Config Profile_v4.1.10-3
      3. The File Access Profile is now listed among the available profiles.Step_3_Profile Available_v4.1.10


      Apply the New Profile to an Endpoint

      The final step is to apply this profile to an endpoint.

      1. From Endpoints, select an endpoint to apply the Canary File policy.  Then, 
        select Set Endpoint Config from the Actions drop-down menu.Step_1_Endpoint Dropdown_v4.1.10
      2. Select Demo-File Access configuration from the Set Endpoint Configs drop-down menu,  then SET CONFIGS.
        Step_2_Set Endpoint Configs_v4.1.10-2
      3. On the Endpoints screen, the Endpoint #2 profile has changed to reflect the File Access profile.Step_3_Profile in Place_v4.1.10_KB

      Congratulations, you have successfully created and applied a File Access rule.