You can configure PortalProtect to block files according to the file type and file name and select the action for all the files that match your configuration. When you enable file blocking, PortalProtect blocks the files according to your configurations. File blocking can occur during real-time, manual, and scheduled scanning according to the settings your choose.
File blocking options vary according to the type of scan performed. Check the actions available for each scan type, whether Virus Scan, Manual Scan, Scheduled Scan.
The extension of a file identifies the file type, for example .txt, .exe, or .dll. Many viruses are closely associated with certain types of files. Some virus writers have tried to disguise their files by using extension names that are known to be harmless, so true file type blocking scans the header of files to determine their actual type. By configuring PortalProtect to block according to file type, you can decrease the security risk to your SharePoint servers from those types of files. Similarly, specific attacks are often associated with a specific file name. If you learn the name of an infected file, you can use PortalProtect to screen that file out of your SharePoint Portal.
Blocking is an effective way to control virus outbreaks. You can temporarily quarantine all high-risk file types or those with a specific name associated with a known virus. Later, when you have more time, you can scan the quarantine folder and take action on infected files.
Administrators can also use file blocking to enforce their company's policy restricting the sharing of non-work related files on their SharePoint servers.
First, choose whether or not to set up a quarantine folder.
Set an action for PortalProtect to execute on files that match your blocking options.
When PortalProtect detects a file that matches your blocking configuration, it executes an action to protect your SharePoint environment. The type of action it executes depends on the type of scan it is performing (real-time, manual, or scheduled) and the type of actions you have configured for that scan. Each time that PortalProtect executes a Quarantine action, it logs an event. You can view these from the Logs menu.
During this scan... |
PortalProtect executes this action... |
|
Real-time |
Block or Quarantine |
|
Manual |
Delete, Quarantine, or Pass |
|
Scheduled |
Delete, Quarantine, or Pass |
Quarantine: Move the file to a customized folder, removing it as a security risk from the SharePoint environment. To set the location of the Quarantine folder, click Quarantine Settings on the Action tab at the bottom of this group box, and type the location of the folder.
Pass: No action taken. File is passed.
Block: PortalProtect blocks the file from accessing the SharePoint server and logs an event.
Delete: During manual or scheduled scanning, PortalProtect deletes files that match the blocking options from the SharePoint environment.