6 Replies Latest reply on Mar 18, 2016 11:34 AM by alex.hawke

    Multiple Files in File/Folder Access Protection Rule

    csavage

      Is there any way to specify multiple file names in a File/Folder Access Protection Rule?

       

      Specifically, in VirusScan Enterprise 8.8 > Access Protection Policies > User-defined Rules >  File/Folder Access Protection Rule, on the line "File or folder name to block" is there a way to add more than one filename?

       

      For instance, in the recent "Protecting against Ransomware" bulletin, in the section "Rules to help track systems that have been affected by these threats," seven file names are suggested to block, such as *HELP_DECRYPT.HTML, *HELP_DECRYPT.TXT, *Howto_RESTORE_FILES.BMP and *Howto_RESTORE_FILES.HTML.  It would be handy to be able to list all of those filenames in one line in one rule, rather than having to make a separate rule for each filename.

       

      So far I have tried commas, semi-colons and spaces as separators in the "File or folder name to block" line without success. (When multiple files were listed, the rule did not trigger at all.  If only one filename is listed, the rule works well.)

       

      Does anyone know of a way to specify more than one filename to block, in one rule?

       

      - Charlie