How to setup File Protection for Change Auditor (4294805)

Chatee ahora con Soporte

Obtener ayuda en vivo
Completar registro

Iniciar sesión

Solicitar precios

Comuníquese con Ventas

Regresar

¿Este artículo solucionó su problema?

[Seleccionar calificación]

Título

How to setup File Protection for Change Auditor
Descripción

How to setup File Protection for Change Auditor 7.x
Causa

Change Auditor uses FSDriver.sys to capture file access events and filter them based on the File Protection Templates configured for this location.
Resolución
Pre-Requisite:
- Have the Change Auditor for Windows File Servers license installed.
- Change Auditor Agent on the system containing the folder/files to protect
Process:
- Open the Change Auditor Console
- In Administration | Protection, add New Template
- Enter a Name for the Template
- Enter a Path
  - The Path must be a local Path from the Target Agent perspective
  - ie: C:\Temp and not \\192.168.0.1\FileShare nor \\FileServer\FileShare
- Press Add
- Select the options to apply to the object
- Add file filter if required
- Click Next (Optional)
- Select Allow or Deny to AD Objects
  - ie: Allow user to bypass protection or Deny a specific user from accessing protected objects
- Add Scheduled Protection (Optional)
- Add Location to protect from (Optional)
  - Allow to aply restriction for specific IP range clients, etc...
- Click Finish
- Right-click the Template and select Assign to Configuration
- In Configuration, make sure the Template is applied to the proper server and Enabled then click OK
- Click Refresh Configuration
  - The Refresh should be a matter of second
How to confirm that the configuration is applied:
- Open the Agent Logs
- Search for ITFA Plug-in Protection
- The following entry should be present
ID: 13458 Time: 5/30/16 19:14:44.649
Level: INFO
Thread: 4320
Logger: CAAD.Agent.CFileSystemSink
File: FileSystemSink.cpp
Function: CFileSystemSink::UpdateConfiguration
Line: 279
Message: ITFA Plug-in protection config: protect="true" allow="false" location-protection-types="0" applies-to="FD" access-types="CD">

Restrictions on File Protection:
- Supports only Local Drive not NAS
- Should not be used to replace comprehensive NTFS security/access control lists
- Should not be used on Admin Shares
- Should be used only on critical objects
How to Report on protection violation:
- In order to monitor any file/folder protection violation, an Audit Template should be created
- Please note that File Protection and Audit are separate functions.
Información adicional

https://support.quest.com/technical-documents/change-auditor-for-windows-file-servers/user-guide/

¿Este artículo solucionó su problema?

[Seleccionar calificación]

Solicitar un artículo KB

Contenido recomendado

Producto(s):: Change Auditor
7.5, 7.4, 7.3, 7.2

Tema(s):: Configuration

Historial del artículo:: Creado el: 5/30/2016
Última actualización: 2/28/2025

Buscar todos los artículos

Seleccione su producto:

Con el fin de ofrecerle un mejor servicio, complete el campo Motivo del chat:

Soluciones recomendadas para su problema

How to setup File Protection for Change Auditor (4294805)

Título

Descripción

Causa

Resolución

Información adicional

Leave a Comment