cancel
Showing results for 
Search instead for 
Did you mean: 
ulyses31
Level 16

DLP 9.3: How to monitor files in a shared folder

Jump to solution

Hi everyone,

I'm trying to set Host DLP to monitor which users are accessing any file on a shared folder. I've been trying to set tagging rules based on the share location and then set a protection rule for system files but the only thing I can do is allow or deny file creation but not register activity on file access.

Anyone knows if it's possible to only monitor file access on a shared folder?

Thanks in advance.

Laszlo

0 Kudos
1 Solution

Accepted Solutions
vimalnavis
Level 13

Re: DLP 9.3: How to monitor files in a shared folder

Jump to solution

For the requirement you mentioned earlier:

and my customer wants to know if we can block access to these files (i.e. they shouldn't be able open files directly from within the folder nor transfer the files to the endpoint) for any domain user except for a specific AD group that would have full access to the folder and any file inside.

you don't need another product. Just setup the share permissions to allow only authorized users.

0 Kudos
7 Replies
ulyses31
Level 16

Re: DLP 9.3: How to monitor files in a shared folder

Jump to solution

Well, I finally found how to monitor any access to files on a shared folder using tagging rules and an Application File Access Protection Rule.

Now next thing I need to do is blocking access to any file on this folder except for authorised users but I can't see whick kind of rule could do this, anyone can help me?

0 Kudos
cnorris
Level 10

Re: DLP 9.3: How to monitor files in a shared folder

Jump to solution

Hello Laszlo,

Can you provide more information on the share, it's server and the clients please?

Controlling access to a share is not something DLPe is designed to do however you can tag files from that share if they are transferred to the endpoint. However having said that please provide more details and it'll help with any solution.

many thanks

Chris Norris

Global Support Engineering Operations

0 Kudos
ulyses31
Level 16

Re: DLP 9.3: How to monitor files in a shared folder

Jump to solution

Hi Chris, thanks for your help.

All of this is about a specific folder located under a domain server. This folder can be accessed by any domain user (there are differet kind of files like pdf, office docs, etc...) and my customer wants to know if we can block access to these files (i.e. they shouldn't be able open files directly from within the folder nor transfer the files to the endpoint) for any domain user except for a specific AD group that would have full access to the folder and any file inside.

I managed to only monitor access to files inside the shared folder but I don't know if it's possible to deny acces to them depending on which AD group you belong to. Maybe, as you told before, DLP is not a product designed this way?

Thanks in advance,

Laszlo

0 Kudos
vimalnavis
Level 13

Re: DLP 9.3: How to monitor files in a shared folder

Jump to solution

DLP products are not a replacement for products designed for access management.

0 Kudos
ulyses31
Level 16

Re: DLP 9.3: How to monitor files in a shared folder

Jump to solution

Hi vimalnavis, so is there another McAfee product for this? Maybe McAfee Change Control?

0 Kudos
vimalnavis
Level 13

Re: DLP 9.3: How to monitor files in a shared folder

Jump to solution

For the requirement you mentioned earlier:

and my customer wants to know if we can block access to these files (i.e. they shouldn't be able open files directly from within the folder nor transfer the files to the endpoint) for any domain user except for a specific AD group that would have full access to the folder and any file inside.

you don't need another product. Just setup the share permissions to allow only authorized users.

0 Kudos
ulyses31
Level 16

Re: DLP 9.3: How to monitor files in a shared folder

Jump to solution

Thanks vimalnavis, this is what I told this morning to my customer.

0 Kudos