Community
User Guides
Support
Community
Help Forums
English Forum
General
About our Community
General Discussion
News and Feedback
Products
F-Secure SAFE
F-Secure FREEDOME
F-Secure KEY
F-Secure SENSE Router
F-Secure ID PROTECTION
Other products
Beta programs
Feature Requests
Finnish Forum (Tukifoorumi)
Tuotteet Kotiin
F-Secure SAFE
F-Secure FREEDOME
F-Secure KEY
F-Secure SENSE Router
F-Secure ID PROTECTION
Muut tietoturvatuotteet
Support Articles
Language
English
Suomi
Deutsch
Français
日本語
Svenska
Dansk
Italiano
Nederlands
Norsk
Polski
中文 (繁體)
Products & Services
F-Secure TOTAL
F-Secure SAFE / Internet Security / Anti-Virus
F-Secure FREEDOME
F-Secure KEY
F-Secure SENSE Router
F-Secure ID PROTECTION
Other products
Common topics
User Guides
Support
Login
|
Register
How can I block access to a particular file using Application Control? - F-Secure Community
<main> <article class="userContent"> <h3 data-version="2" data-article="000001830">Issue:</h3> <p></p><ul><li>Is there a way to block users from accessing or running a specific file with Business Suite products such as F-Secure Client Security and Server Security?</li><li>Can you for example block C:\Temp\temp.do or even the F-Secure Uninstallation Tool?</li></ul><h3>Resolution:</h3> <p>Email and Server Security 14.00 introduces the 'File access' event type to the Application control feature. This lifts the Application control feature to the next level - from controlling events like starting processes, loading DLLs and running installers to blocking access to any file.<br><br><b>Note: </b>The 'File access' event type is not currently supported by F-Secure Client Security 14.10 and Server Security 14.00. The next versions of these products will add this feature.<br><br>With the help of F-Secure Application Control file access rules, the admin can block the distribution and execution of a certain file in their environment.<br><br>When creating the rule, providing only a <strong>file hash</strong> as a rule condition is enough but may result in <strong>performance degradation</strong>, because of the need to calculate new digests, especially for big files. To optimize rule performance it is recommended to <strong>supply a file size</strong> as an extra condition for file access rules.<br></p><ol><li>Log in to Policy Manager Console</li><li>Select the host or domain from the Domain Tree</li><li>Go to the <b>Settings </b>tab</li><li>Go to the <b>Application control </b>page</li><li>Click <b>Clone </b>to create a custom profile which can be edited</li><li>Set the newly created profile as the <b>Host profile </b></li><li>Click <b>Add rule</b></li><li>Set <b>Event </b>as <b>File access </b></li><li>Set <b>Action </b>as<b> Block </b></li><li>Add condition: Target SHA1 - Equals - <file SHA1></li><li>Add condition: Target size - Equals - <file size></li><li>Click <b>OK </b>to save the rule</li><li>Distribute the policy (Ctrl + D)</li></ol><b>Note: </b>To be able to add the <b>target size </b>condition, you need to have F-Secure Policy Manager 14.30<br><br>This screenshot shows an example how to configure this in Policy Manager Console. This blocks users from launching a "bad" PDF file containing an exploit.<br><img alt="Application control supports blocking access to files" height="364" src="https://us.v-cdn.net/6032052/uploads/646/821FN3IMUPZR.png" width="500" class="embedImage-img importedEmbed-img"></img><p>Article no: 000001830</p> </article> </main>