![]() To control the file I/O for the control filter driver, we can set the access flag for the filter rule, the access flags can be the combination of the bits as following enumeration. For example: c:\test\*txt, the filter only monitors I/Os of the files end with ‘txt’ in the folder c:\test. To know which file we want to filter, we need to set the filter rule with the file name filter mask, the FilterMask sets the target folder or files,it can include wild character ‘*’or ‘?’. SetConnectionTimeout(ULONG TimeOutInSeconds) įilter the file I/O with file filter rule If you register the I/O events or callback, setup the maximum time of the filter driver waits for the response from the user mode application. To setup the filter driver type with the combination of the below filter type enumeration, then you have have the associated features of the filter driver. ![]() RegisterMessageCallback(ULONG ThreadCount,Proto_Message_Callback MessageCallback,Proto_Disconnect_Callback DisconnectCallback ) To start the filter driver, first we need to set the registration key, then register the callback funtion with the worker thread number. Install/Uninstall the filter driver with admin privilege FilterAPI.dll is a user mode DLL which is responsible for the communication between filter driver and your use mode application ,and it is also a wrapper DLL which exports the API to the user mode applications. EaseFlt.sys is the file system filter driver which provides a complete, modular environment for building active file system filters. The EaseFilter control file system filter driver SDK includes two components (EaseFlt.sys and FilterAPI.dll) with 32bit and 64bit version. Get the notifications of each registry operation when the registry key was accessed or modified by the applications. Protect Windows core registry keys and values and prevent potentially damaging system configuration changes, besides operating system files. ![]() Get the callback notification for the process/thread creation or termination, prevent the untrusted executable binaries ( malwares) from being launched. High-performance hardware accelerated encryption, encryption overhead is minimized using the AES hardware encryption capabilities available in modern CPUs. Protect the sensitive files, you can verify the user identity, authenticate them, authorize the file access, prevent the confidential files from being accessed, modified, renamed, deleted, or read by unauthorized users, you also hide your sensitive files to the unauthorized users, protect intellectual property from being copied.Įnterprise transparent and continuous file-level encryption protects against unauthorized access by users and processes, secures unstructured data for the enterprise. Monitor Windows file I/O activities in real time, track the file access and changes, monitor file and folder permission changes, audit who is writing, deleting, moving or reading files, report the user name and process name, get the user name and the ip address when the Windows file server's file is accessed by network user.ī.File Access Control and Security ControlĬontrol Windows file I/O activities in real time, intercept the file system call, modify its content before or after the request goes down to the file system, allow/deny/cancel its execution based on filter rules.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |