ALERT: Some images may not load properly within the Knowledge Base Article. If you see a broken image, please right-click and select 'Open image in a new tab'. We apologize for this inconvenience.

Changing default handling of encrypted container files when using Symantec Protection for SharePoint Servers 6.0.x with Symantec Protection Engine 7.5

book

Article ID: 161071

calendar_today

Updated On:

Products

Protection Engine for Cloud Services Protection for SharePoint Servers Protection Engine for NAS

Issue/Introduction

In Symantec Protection Engine (SPE) 7.5 release the default handling of encrypted container files has been changed from Delete to Log only. Due to this, there will be difference in the result when using encrypted container file rules in Symantec Protection for SharePoint Servers (SPSS) 6.0.x.

Resolution

Encrypted container files by default are treated as log only in SPE 7.5. Therefore, you must change this setting on SPE to keep the behavior similar to the earlier release.

From UI: 
 
Log on to SPE console and go to Polices ->Filtering->Container Handling. Under Encrypted Container Handling change the option to Delete. Apply and save the change.
 
From command-line: 
 
  1. From the command-line, go to the Symantec Protection Engine installation directory (By default, the installation directory is C:Program FilesSymantecScan Engine or C:Program Files(x86)SymantecScan Engine).
  2. Use the xmlmodifier tool to change the value of EncryptedContainersPolicy in filtering.xml to 2 (delete all encrypted containers). For example:

    XMLModifier.exe –s /filtering/Container/EncryptedContainersPolicy/@value 2 filtering.xml
     
  3. Restart Symantec Protection Engine service.
See this document for reference on detail explanation of the behavior of handling encrypted files on SPE7.5.

Applies To

SPSS 6.0.x with SPE 7.5.x