Creating a new file filter template

Follow these steps to create a new File filter template:

  1. Select New and then Template.

  2. On the General tab, enter a name in the Template description field and optionally a comment.

  3. Next, open the Read filter tab. All file extensions specified here are checked each time a file is read or copied from a specific drive (e.g. a removable hard disk). You can either allow or block an extension. Enable Allow all files if you do not want to set up a read filter. To allow only certain file types, select Allow only selected extensions. If you want to forbid certain files, check Do not allow selected extensions. Unless content checking has been explicitly disabled for a particular file type, DriveLock also checks whether the content and the file extension match. If this is not the case, access to this file is blocked. Click Add to add more file extensions to the list. You can also choose from the existing file type groups. Select the required extensions (or enter the required extension) and click OK to add the selection to the list.

  4. Then open the Write filter tab and proceed as described for the read filters. All file extensions configured here are checked each time a file is copied to a specific drive (e.g. a removable hard disk) (or when a write access occurs).

  5. Next, open the Audit tab. These monitoring settings determine which monitoring events are generated. Customize them according to your company policy or requirements.

    Monitoring events are sent either to the Windows Event Viewer or - if available and configured - to the DriveLock Enterprise Service.

    Please note that monitoring file operations may affect the performance of your systems. Furthermore, a user activity may generate more than one event (e.g. opening a Word document results in three different entries because Word first opens the file, then writes information - Last Access - and then opens it again.

  6. On the Shadow tab, you specify the files you want to create shadow copies from. You can therefore set whether no shadow copies or shadow copies of all files are created, or only of files that are read or written. Furthermore, it is possible to specify a list of file extensions for which shadow copies are created (Create shadow copy for selected file types only) or not (Do not create shadow copy for selected file types).

    It is possible to create a File filter template for shadow copies only.

    A filter template created in this way can be used for individual whitelist rules and for drive classes.

    To do so, open the Shadow tab for the relevant drive class (e.g. USB) or for device-specific whitelist rules.

  7. On the User/Process exclusions tab you can exclude users or processes from a shadow copy and logging,same as you can exclude folders and files on the File exclusions tab.

  8. On the Quota tab, you can select one of the two options When reading, deny access to files larger than ... KB or When writing, deny access to files larger than ... KB to prevent read or write access to files that are too large. Enter an appropriate number. You can also limit the amount of data.

  9. On the Archives tab, two options, each for read and write accesses separately, are available so that DriveLock applies this file filter also within archive files (ZIP and RAR). If you want DriveLock to search within these archives for the files defined in this template, enable one or both of the options [...] Scan archive files.

    To generally block archives that contain archive files, activate the Block nested archives option.

    To block archives that are password-protected and cannot be checked for that reason, activate the Bock password-protected archives option.

    Please note that for technical reasons, archive scanning is currently not yet possible for network and WebDAV drives.