Configuring advanced settings in the registry base
Some advanced parameters in SDS Enterprise must be configured in the Windows registry base.
To edit the registry base:
-
Go to the registry database by running regedit.exe.
-
In the tree, go to the key indicated.
-
Change the value of the key.
-
Quit the registry database.
-
Restart the machine.
When Stormshield Data Team is installed on a workstation, the date of the last access changes when a folder is browsed. The AccessTimeAction
parameter makes it possible to restore the actual date on which files were last accessed.
Key |
|
Location |
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SBoxTeamDrv\Parameters |
Values |
In general, the default value |
The cachemov.exe utility can be used to move the - <%WINDIR%>\CSC - system folder, which contains files available offline.
Stormshield Data Team must be configured as follows to manage this particular environment:
Key |
|
Location |
HKLM\SYSTEM\CURRENTCONTROLSET\Services\SBoxTeamDrv\Parameters |
Value |
Add the folder containing the CSC database. |
When Stormshield Data Team is used, users' workstations may slow down. To keep the usual levels of performance, the following registry keys can be applied:
Improving performance when browsing encrypted trees
To reduce the time it takes to determine whether a folder is encrypted in “smart card” mode (this determines the icon of the folder), the value of the OverlayIconAccuracy parameter can be changed.
Key |
|
Location |
HKEY_LOCAL_MACHINE\SOFTWARE\ARKOON\Security BOX Enterprise\Properties\Team |
Value |
|
Excluding Windows processes that access encrypted folders
Some Windows processes can slow down the workstation by regularly accessing folders that Stormshield Data Team encrypts.
To reduce the frequency of these slowdowns, you can exclude in the registry database the processes that are considered safe and do not cause any file modifications. If the SkipApp key does not exist, you can create it by choosing a REG_MULTI_SZ value.
Key |
|
Location |
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\SboxTeamDrv\Parameters |
Value |
Add one process to exclude per line. We recommend that you exclude the following processes: SearchIndexer.exe searchUI.exe MsMpEng.exe SearchProtocolHost.exe SearchFilterHost.exe mobsync.exe msdtc.exe mstsc.exe mobsync.exe wfica32.exe vmtoolsd.exe SecurityHealthService.exe SearchApp.exe NisSrv.exe As well as the specific Dell processes: HostStorageService.exe HostControlService.exe |
Excluding Windows Defender extensions and scans
To prevent your workstation from slowing down, you can also exclude the extensions and scans that Windows Defender runs:
Key |
|
Location |
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender\Exclusions |
Value |
Add the list of extensions to exclude. We recommend that you exclude the following extensions: .box, .sbox, .sbt, .sdsx, .usi, .usr. |
Key |
|
Location |
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender\Exclusions |
Value |
Add the list of processes to exclude. We recommend that you exclude the following processes: SBDSRV, SBoxDiskSrv as well as antivirus and other EDR processes. |
When selecting the co-workers you want to share the folder with, co-workers who hold the Windows permissions that enable accessing the folder concerned are automatically suggested in a group which name is Windows permissions.
You can disable this feature by creating the following registry key:
Key |
|
Location |
HKEY_LOCAL_MACHINE\SOFTWARE\Arkoon\Security BOX Enterprise\Kernel\ |
Value |
|
When selecting employees authorized to access a secure folder, the LDAP directory search is based on the common name by default.
If the common name is not enough, you can configure a custom search filter to search through multiple LDAP attributes, using the following registry keys:
Key |
SearchFilter (REG_SZ) |
Location |
HKEY_LOCAL_MACHINE\SOFTWARE\Arkoon\Security BOX Enterprise\Properties\CoworkerSelector |
Value |
Specify the filter you want to apply when performing an LDAP search. Use the logical connectors “&” (and) and “|” (or). For example:
The “?” character is replaced by the character string entered by the user in the search field. |
Key |
SearchPattern (REG_SZ) |
Location |
HKEY_LOCAL_MACHINE\SOFTWARE\Arkoon\Security BOX Enterprise\Properties\CoworkerSelector |
Value |
Optional key. Replaces the default character "?" used in the filter if necessary. |