Export (0) Print
Expand All
This topic has not yet been rated - Rate this topic

Configuring the action when a filter is matched

 

Applies to: Forefront Protection for SharePoint

Topic Last Modified: 2010-01-20

You must indicate the action that Microsoft Forefront Protection 2010 for SharePoint (FPSP) should take upon detecting a match to your filter criteria.

noteNote:
You must set the action for each filter list you configure. The action setting is not global.

The action options are only available after a filter list has been enabled, and the types of action options that are available are dependent upon the type of filtering you are performing. Possible action choices are listed and described in the following table. Click Save after making any changes to your action settings.

 

Action Description

Skip detect

Records the number of files that meet the filter criteria, but enables uploading and downloading to take place normally. If, however, Delete corrupted compressed files, Delete corrupted UUEncoded Files, or Delete encrypted compressed files was selected in Global Settings - Advanced Options, a match to any of those conditions causes the item to be deleted. This setting is the default for all filters.

Delete

Deletes the file, inserting deletion text in its place. This setting only applies to scheduled and on-demand filters.

For information about modifying deletion text, see Editing deletion text for file filters.

noteNote:
You can specify the extension type used for all deleted files (for example, .abc), making it easy to instantly identify deleted files. For more information, see "Configuring the extension type assigned to all deleted files" in Configuring the action when malware is detected.

Suspend

Prevents the file from being uploaded or downloaded. The user receives a SharePoint message that the file was infected and could not be uploaded or downloaded. This setting only applies to realtime filters.

CautionCaution:
Extreme care should be taken when implementing actions for filter lists because they also affect files submitted for antimalware scanning by SharePoint. This can potentially include ASPX and other operational pages. It is recommended that you tune your filter lists by using an action of Skip detect prior to implementing a Delete or Suspend action.
 
Did you find this helpful?
(1500 characters remaining)
Thank you for your feedback

Community Additions

ADD
Show:
© 2014 Microsoft. All rights reserved.