CSA MC 6.0

Unanswered Question
Sep 17th, 2008


we are planning to deploy CSA-MC6.0 on our network and would like to activate the following security policies.

-stop coping data from a system to external devices (CD,USB etc)

-stop downloing music/multimedia files

-stop streaming vedio (ie. youtube)

-stop chat programs

-stop installing any .exe files

Curretly I crated a test group and put some rule modules which are identified to fulfil the above requirement, unfortunately none of the rules didnt work with above requirement.

Can any one sugesst me what are the appropriate rule/rule modules to fulfil the above requirement on CSA MC 6.0


I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
cleidh_mor Thu, 09/18/2008 - 05:04

First of all, check that the agent has actually dowloaded the relevant rules. You can see this in the Agent Panel under status. Once you've verified that the new rules have downloaded, test them by, for example, trying to install something and check the MC for logs.


tsteger1 Fri, 09/19/2008 - 09:46

I don't believe you've stopped all .exe's from installing, just those invoked by Mass software deployment apps.

I also don't know if you are preventing writing to USB devices (it's hard to tell from your screenshots).

You are probably going to be better off not trying to clone a bunch of rules that 'might' stop what you want to stop and just create some specifically targeted rules.

That way if it stops it, you can loosen the restrictions as needed until it works the way you want.

A few specific File Access and Application Control rules may be what you need.

Streaming media may be a bit harder and is probably better done with web filtering.

It is possible, but difficult to maintain.


pemasirid Fri, 09/19/2008 - 11:45

Thanks Tom for your response. I have stop all of rules on Mass Software deployment rule modules but it didnt work out.

Prevent writing to USB devices rule I used worked only writing from system to any USB but also need visa verse.

Could you please advise me what are the appropriate rule/rule modules to fulfil my those security policies.



This Discussion