making EPS log capability better

	Forums Register Login My Profile Inbox Address Book My Subscription My Forums Member List Search FAQ Ticket List Log Out

making EPS log capability better

Logged in as: Guest

Users viewing this topic: none

Printable Version

All Forums >> [Network Security] >> GFI EndPointSecurity >> making EPS log capability better

Page: [1]

Message

<< Older Topic Newer Topic >>

making EPS log capability better - 12.May2008 4:24:48 PM

hilbert

Posts: 5
Joined: 29.Apr.2008
Status: offline

Verison EPS 20080215 with patched agent.

if you deny "read access" to all internal peripheral (cd-rom,floppy,etc) except Hard Drive, every time a user launches an application (example: MS word)and browses the devices to open a file located in the hard drive(C:\test.doc), EPS logs an "Access Deny"on Cd-rom,floppy, etc., generated for the user using that application. In this way EPS generates hundred of false tentatives daily, although users never tried to access to internal peripherals.

Are you able to make the agent capability "smarter",in order to identify a real and deliberate access to a forbidden device?

Thnx
Hilbert

Post #: 1

Page: [1]

All Forums >> [Network Security] >> GFI EndPointSecurity >> making EPS log capability better

Page: [1]

Jump to:

New Messages	No New Messages
Hot Topic w/ New Messages	Hot Topic w/o New Messages
Locked w/ New Messages	Locked w/o New Messages

Post New Thread

Reply to Message

Post New Poll

Submit Vote

Delete My Own Post

Delete My Own Thread

Rate Posts

© 2008. All rights reserved. GFI Software	Home Products Download Trials Support Ordering Site Map About Us Contact us
GFI solutions: Exchange anti spam filter - exchange anti virus - isa server - network vulnerability scanner - event log management - USB security software - exchange archiving - fax server software