Preventing file downloads from SharePoint Web applications to non-compliant computers in IAG SP2

  • Article

Applies To: Intelligent Application Gateway (IAG)

This topic describes how you can use the application’s Download policy so that, unless the end user's computer meets the security policy requirements that you define, end users cannot do the following:

  • Download files.

  • Use the Edit in Datasheet option.

Users who are blocked are notified accordingly.

To prevent file download operations

  1. On the desktop of the computer running IAG, click Start, point to All Programs, point to Whale Communications IAG, and then click Configuration.

  2. If a password is required, enter it, and then click OK.

  3. In the Configuration console, on the Application Properties dialog box, click the General tab, and then click Manage Policies.

  4. On the Manage Policies and Expressions dialog box, under the Policies group, select the SharePoint 2007 Download policy, and then click Edit Policy.

  5. On the Policy Editor dialog box, you can edit the policy in order to comply with your corporate policy, so that noncompliant computers (such as computers that don't run a firewall) are blocked. You can use the Default Web Application Download policy as a basis for your definitions. For more information, see Managing client endpoint policies_IAG.

    On the Policy Editor dialog box, click OK, and then on the Manage Policies and Expressions dialog box, click Close.

  6. On the Application Properties dialog box, on the General tab, in the Download list, click the SharePoint 2007 Download policy, and then click OK.

  7. On the toolbar of the Configuration console, click the Activate Configuration icon, and then on the Activate Configuration dialog box, click Activate.

    When the configuration is activated, the message "IAG configuration activated successfully" appears. The download operations described in this topic will be blocked, on the client side and on the server side, for endpoint computers that do not comply with the security policy that you define here.

    Note

    This procedure ensures full correlation of the SharePoint 2007 Download policy on both the client and server sides. If you want to cancel the policy, you must take the following steps in order to ensure that the same conditions apply to both the client and the server:

    • To cancel enforcement of the policy on the server side, on the Application Properties dialog box, on the General tab, select a Download policy other than SharePoint 2007 Download.

    • To cancel enforcement of the policy on the client side, redefine the value of the SharePoint 2007 Download policy as True.