Policies - Settings tab - Protection

NAVIGATION Policy Management > Policies > Settings tab > Protection checkbox

The Protection category assigns file, application and network access to a policy.

File Access Control

Add File or Change Access - Adds and schedules monitor sets. Check any of these checkboxes to perform their corresponding actions when an alert condition is encountered.
- Filename to access control (full path required) - Enter the full path and file name.
- Enter application approved for access - Add in a new application to the access list.
- Approved Applications - Displays the list of applications approved for access.
- Remove - Removes a selected application from the approved access list
- Ask user to approve unlisted - Lets users approve/deny access to the file on a per application basis each time a new application tries to access that file. Use this feature to build up an access control list based on normal usage.
- Deny all unlisted - Blocks an application from accessing the file. Select this option if you are already sure of which files need access and which do not.
Remove File - Removes a selected agent procedure.

Application Blocker

To block an application from running on a machine:

Enter the application's filename in the edit box.
Click the Addbutton. The blocked application displays in the Application to block list.

To unlbock an application from running on a machine:

Enter the application's filename in the edit box.
Click the Removebutton. The application no longer displays in the Application to block list.

Network Access

Notify user when app blocked - Notify the user when a blocked application attempts to access the network. Use this function to build up the access list based on normal usage. This lets you see which applications on your system are accessing the network and when. The machine user is prompted to select one of four responses when an application is blocked:
- Always - Allows the application access to the network indefinitely. Users will not be prompted again.
- Yes - Allows the application access to the network for the duration of the session. Users will be prompted again.
- No - Denies the application access to the network for the duration of the session. Users will be prompted again.
- Never - Denies the application access to the network indefinitely. Users will not be prompted again.
Enable/Disable driver - Enable/Disable the network access protection driver for an agent. Applications that do not use the Windows TCP/IP stack in the standard way may conflict with this driver, especially older legacy applications. The agent can not monitor network statistics or block network access if this driver is disabled. For Windows machines earlier than Vista, an enabled driver only takes effect after a reboot of the machine.
Apply Unlisted Action - An unlisted application is one that has not been explicitly approved or denied access to the network. Select the action to take when an unlisted application attempts to access the network.
- Ask user to approve unlisted - A confirmation dialog box displays if an unlisted application attempts to access the network.
- Approve all unlisted - The unlisted application is granted access to the network.
- Deny all unlisted - The unlisted application is denied access to the network and the application is closed on the managed machine.

	Need troubleshooting help? Open the Kaseya Helpdesk.
	Want to talk about it? Head on over to the Community!
	Have an idea for a new feature? Want to learn about upcoming enhancements? Visit the Ideas forum!