Global Automatic Access Action; Custom Automatic Access Action Rules - Check Point HARMONY R81 Administration Manual

Global Automatic Access Action

You can select a global action that defines automatic access to encrypted devices. This has an
effect on all Media Encryption & Port Protection rules, unless overridden by a different rule or
action.
To enable automatic access:
n Make sure that Removable Media Read Access actions allow access for the specified
users or computers.
Note - Users cannot access encrypted devices by entering a password if read
access is not allowed for that user.
n Select or define an action that allows Automatic Access for the logged in user.
Media Encryption & Port Protection comes with these predefined actions:
Action
Encrypted storage devices are fully
accessible by all users
All users in the organization can
read encrypted data, only owners
can modify
Only owners can access encrypted
data
Access to encrypted data requires
password authentication

Custom Automatic Access Action Rules

To create custom action rules:
1. Right-click a Global Automatic Access action and select Edit.
The Custom Encrypted Media Access Rules window opens. There are two predefined
action rules in this window. You cannot delete these rules or change the media owner or
media user. But, you can change the access permissions.
The two predefined actions are defaults that apply when no other custom action rules
override them. The Any/Media Owner action rule is first by default and the Any/Any
action rule is last by default. We recommend that you do not change the position of these
rules.
Description
All users can read and change all encrypted
content.
All users can read encrypted files on storage
devices. Only the media owner has can change
encrypted content.
Only media owners read and/or change encrypted
content.
Users must enter a password to access the device.
Automatic access in not allowed.
R81 Harmony Endpoint Server Administration Guide | 277
Global Automatic Access Action