06-21-2023 04:46 AM
Hello Team,
Could you please provide the benefits of Network Location Files in restriction profile.
06-21-2023 05:24 AM
Hi @RamyashreeMada ,
Thank you for writing to live community!
It really depends upon the requirements and regulations for the endpoints in the environment if you have specific locations or executables that would be present on network drives that you would not want specific endpoints to be able to access or execute.
This in turn allows security administrators to manage and restrict the surface of execution on the endpoint environment.
Hope this helps! Please mark the response as "Accept as Solution" if it answers your query
06-26-2023 08:49 PM
What is the usecase of this? We need more clarity on it.
06-26-2023 09:07 PM - edited 06-26-2023 09:10 PM
Hi @RamyashreeMada ,
As I stated in my previous conversation, it really depends upon use cases of organisations and their compliance and respective use case scenarios. It could range from setting up a restriction for all endpoints (except some) for a specific set of folders in network drive which only a specific subset of endpoints have the leverage to use to restricting access to execution on any folders in network drives by end users.
Please note that restrictions profile will only restrict execution on the surface of the files added to the blocklist. Other operations like copy paste will still be allowed.
|
For eg. some organisations might have one file server only with one single partition for file access. Within the partition which was allowed for all users, there are certain folders which contains application installers and some office files which are meant to be copied and stored in the local system for use and not to be allowed for direct access on the network drive. However, it has been observed that users try to execute that application or access the application on the network drive itself. This causes a significant load on the file server and impacts access to the network drive for all other users(because the application exe and office files in the folder are heavy in size and usage). In order to prevent the application to executed on the network drive partition, you can restrict the execution by adding that folder to the block list for the user endpoints. However, if they copy it and store it access the file/executable from their local system, that should be allowed.
Alternative ex could be that there are proprietary files and exe stored in the network drive which should be accessed by a subset of endpoints used by certain users only. You can restrict the usage by adding the exe name to block list for all users except the certain allwed endpoints and add the exe to block list under network location and also under file and folder restriction |
Hope this helps
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!
