File access rules allow the system administrator to limit the actions performed on a system file and by whom.
Rule Creation
- To create a File Access rule, from the ZeroLock® Management Console (ZMC), go to Dashboard | Control Policies | Rules. Under the Actions drop-down menu, select Add New Rule.
- On selecting Add New Rule, the New Policy Rule screen will appear. Using the variety of features offered for this Rule Type, craft a rule that fits the exact File access control action you want ZeroLock® to monitor. Once the File Access Rule is properly configured, click the Create button.
- The newly created rule appears as the last rule created.
Note: Fields with an * only appear when Block Operation is selected.
Add New Policy
Before implementing a rule on an endpoint, it must first be applied to a policy.
- Navigate to the Control Policies | Policies page. Then select the Add New Policy button.
- On the New Policy dialog box, enter a name and description. To add the new File access rule, click the Add Rules button.
- Selecting the Add Rules button opens the Policy Rules screen from which you select the rule(s) you want for the policy.
- Select the File Access rule, then click Add Selected, which returns you to the New Policy screen. Select Create to complete the new policy creation process.
Note: Instead of scrolling to the bottom of the entire list of rules, sorting by ‘File Type’ will only list the rules of that type.
Create a New Configuration Profile
The policy must be added to a Configuration Profile to apply the new File Access policy to an endpoint.
- Navigate to the System Configuration | Config Profiles page, where you will click the Add New Profile tab.
- On the next screen, enter a name and description for the configuration profile you are creating. Select File Access Policy from the default drop-down menu in the Default Control Policy box, then click CREATE.
- The File Access Profile is now listed among the available profiles.
Apply the New Profile to an Endpoint
The final step is to apply this profile to an endpoint.- From Endpoints, select an endpoint to apply the Canary File policy. Then,
select Set Endpoint Config from the Actions drop-down menu. - Select Demo-File Access configuration from the Set Endpoint Configs drop-down menu, then SET CONFIGS.
- On the Endpoints screen, the Endpoint #2 profile has changed to reflect the File Access profile.
Congratulations, you have successfully created and applied a File Access rule.