Elczar Adame's Shared Points on SharePoint


 

SharePoint File Filtering in ForeFront

The Forefront Security for SharePoint file filter feature gives you the ability to filter files with a specific type, extension, or names. Like in keyword filter feature, as we have explored in my previous article, the file filter can be configured to perform actions on the file such as delete, quarantine, notify, and report the detected file. A demonstration video is available for download in a limited number of days.

1.      Let us start by opening out ForeFront Server Security Administrator. In the shuttle navigator let us click Filtering, and then the File icon. Below is the illustration.

Filter

1.      In the upper pane of the File Filtering window, for demonstration purposes, let us select SharePoint (Manual Scan Job).

2.      In the File Names pane let us click Add, then type “*.docx”, and the press enter.

Electively, we can configure to filter files based on their size by specifying the size in kilobytes, megabytes, or gigabytes. Example: *.doc=>150KB.

3.      A .docx file may not have an OPENXML file type. In the File Types list box, ForeFront has provided us the facility to specify the file type associated to the selected File Name. For demonstration purposes, let us check the All Types checkbox at the bottom of the File Types list.

4.      Let us make sure that the File Filter is set to Enabled. And then, for our purpose, let us set the Action to Skip: Detect Only.

In my previous piece, I have briefly described the various Action options we could set for our filter.

5.      Let us uncheck the Send Notification and check the Quarantine Files option. And to confirm the configuration, let us click Save.  Below is the illustration.

Final

To check the filter we have defined, let us create a Word document, and then upload it in a document library in our SharePoint site. Subsequently, let us open our ForeFront Server Security Administrator, and in the Operate shuttle navigator, let us click the Quick Scan icon. Select the corresponding Web application in the explorer pane, select corresponding File Scanners, set the Bias field to Favor Certainty – notwithstanding that it is not used in file filtering, and the Action field to Skip: Detect Only. Lastly, uncheck the Send Notifications option, and check the Quarantine Files. Below is the illustration.

Scan

In my previous blog, I have tried to tabulate the possible Bias settings.

And there we go! Let us just click the Run button and the malicious document we have uploaded will be detected and it will be logged in the Quarantine under the Report shuttle navigator.

Hoping this piece would help.

Advertisements

Comments on: "SharePoint File Filtering in ForeFront" (2)

  1. I stiil dont geting this SharePoint or share File Thing!
    I guess I will never get the defence between share point ahd sharefile!

  2. Hi Max,
     
    I read your article and it is very informative! Personally, I prefer to use SharePoint because of its Content Management capability and not simply a file sharing facility – not to mention the other featured areas of the technology.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

Tag Cloud

%d bloggers like this: