Configuring Symantec Protection Engine to handle encrypted container files
This topic explains the options that are configured using the Core server with user interface mode. to work with the Core server only mode.
Encrypted files are unscannable in Symantec Protection Engine. If you want to protect your network from threats of encrypted container files, configure Symantec Protection Engine to handle unscannable encrypted container files.
To configure Symantec Protection Engine to handle encrypted container files
In the console on the primary navigation bar, click Policies.
In the sidebar under Views, click Filtering.
In the content area on the Container Handling tab, under Encrypted Container Handling, select Enable Encrypted Container Handling check box.
Under Enable Encrypted Container Handling, select one of the following to specify how Symantec Protection Engine handles encrypted files:
Generates a log entry.
By default, Symantec Protection Engine only logs instances of encrypted container files.
Blocks the encrypted container files and generates a log entry.
Deletes the encrypted container files and generates a log entry.
The options are available only if the Enable Encrypted Container Handling is enabled.
The Quarantine option is available only if Enable Encrypted Container Handling is enabled and quarantine server is configured in Symantec Protection Engine.
On the toolbar, select one of the following options:
Saves your changes.
Use this option to continue making changes in the console until you are ready to apply them.
Applies your changes.
Your changes are not implemented until you apply them.