List of Content-Aware Rules for Devices

The users and groups that have content-aware rules specified for devices are displayed under the Devices > Content-Aware Rules node in the console tree (see Content-Aware Rules Node).

When a user or group is selected under the Content-Aware Rules node in the console tree, the details pane lists the content-aware rules specified for that user or group. For each rule, the list provides the following details:

•Name - The name of the rule. By default, the rule has the same name as its content group.

•Type - The type of the content analysis. Possible values:

•File Type Detection - Recognition and identification of a file’s true file type are based on its actual characteristic signatures found by inspection rather than just its name.

•Keywords - Recognition and identification of data/files are based on the specified keywords or phrases found by inspection.

•Pattern - Recognition and identification of data/files is based on the specified patterns of alphanumeric text described by Perl regular expressions and found by inspection.

•Document Properties - Recognition and identification of files are based on their basic file properties (i.e. size, name, header information, date modified, etc.).

•Digital Fingerprints -Recognition and identification of files are based on their digital fingerprints.

•Complex - Recognition and identification of data/files are based on the content described by a Boolean expression of multiple rule types.

•Action(s) - Shows which user actions are allowed or disallowed on files and which user actions are logged to the Shadow Log.

•Permissions - The rule applies to access control operations.

•Shadowing - The rule applies to shadow copy operations.

•Detection - The rule applies to detection operations.

•Permissions+Shadowing - The rule applies to both access control and shadow copy operations.

•Permissions+Detection - The rule applies to both access control and detection operations.

•Shadowing+Detection - The rule applies to both shadow copy and detection operations.

•Permissions+Shadowing+Detection - The rule applies to all available operations: access control, shadow copy and detection.

•Device Type(s) - The device type(s) to which the rule applies.

•Send Alert - Shows whether alerts are enabled or disabled for this rule.

•Log Event - Shows whether the audit logging of events associated with this rule is enabled or disabled.

•Shadow Copy - Shows whether the shadow copying is enabled or disabled for this rule.

•Profile - Possible values: Regular and Offline. Regular indicates that the rule applies to client computers that are working online. Offline indicates that the rule applies to computers that are working offline.

Different online vs. offline Content-Aware Rules can be defined for the same user(s) or groups of users. For information about how to define offline Content-Aware Rules, see Managing Offline Content-Aware Rules for Devices.

The shortcut menu on a rule in the details pane provides the following commands:

•Manage - Depending on the rule’s profile (regular or offline), opens a dialog box to define the online (regular) or offline content-aware rules.

•Edit - Opens a dialog box to view or modify the rule.

•Send Alert - Enables or disables alerts for the given rule.

•Log Event - Enables or disables the audit logging of events associated with the given rule.

•Shadow Copy - Enables or disables the shadow copying of the content that causes the rule to trigger.