1 Reply Latest reply on Jul 8, 2011 6:57 AM by Attila Polinger

    Temporary Internet Files

    clisanti

      My question is how are you managing this local workstation folder?  Its obviously a vector for all types of malware.  We currently use an active directory GPO to set the temp Internet files to delete each time the browser is closed.

      The issue is there are a few Intranet applications where without the caching of the files,  to get to a logon screen takes well over a minute each time to allow these files to download new.

      But when the files are in cache, its only in the 10 second range for the logon screen logo to appear.

        • 1. Re: Temporary Internet Files
          Attila Polinger

          Hi,

           

          it is really just a guess: with VirusScan Access Protection, try enabling the "Prevent programs running files from Temp folder" rule (block and notify) and set those intranet applications as exceptions to this rule. You'll need to first block all, invoke that intranet app (see that it is blocked) and look into AccessProtectionlog.txt to see which processes exaclty belong to the app. May take a hwile until all relevant processes are excluded. No other - even malware - can run programs from the Temp folder (alas, normal installations from the web, too)

           

          Attila