You could, but you could also cause yourself a lot of grief if any applications rely on the downloads folder.
Test it out... create a rule that blocks Write and Create of new files to your downloads folder. Put it in Report only if you want to discover what apps use it, without affecting them.
Do you mean you want to stop users from downloading the updates from internet . if so you can do that from the McAfee Agent policies
I have created a USER DEFINED RULE in VSE access protection with process to include * and file/folder name to block *exe , actions to prevent new files being created but it is causing lot of problems with windows update and upgrade of MS Office etc. Is there another way i can give more intelligence to this rule and prevent my users from unnecessary downloads
Just a hint,
one of the biggest benefits using the Gatway Antimalware Engine is the following. Just Keep the following Infos in mind.
- MWG GAM: only 30% of malware from the Internet is detected and blocked with signature based Technology. For 70% you need another Approach or Technology.
- MWG GAM: The engine inspects dynamic code: This means, if active code triese to store a file on your disk in an unusual way, this code is removed.
- not any update is an *.exe file.
- not any file has an file Extension.
So Access protection can help in some cases, but will never be able to stop a wide band of Installations over the Internet. I some specific situations it could help, but there will be much more situations where Access Protection cannot help.