Stormshield Data File

Stormshield Data File can be configured in the filePolicy section of the .json file. The table below describes its parameters. In the SDMC administration console, the equivalent parameters are found in Policies > Features > File.

For more information on configuring this feature, refer to the section Configuring Stormshield Data Filein the Administration guide.

Parameter Type Description Prescribed values SDMC
allowEncryptSmart
File
Indicates whether the user is allowed to create smartFILE files.

true,

false

Allow creation of smartFILE files
allowEncryptionFor
Recipient
Indicates whether the user is allowed to encrypt for a recipient.

true,

false

Enable file encryption for a recipient
allowFileDecryption Indicates whether the user is allowed to decrypt files.

true,

false

Enable file decryption
allowFileEncryption Indicates whether the user is allowed to encrypt files.

true,

false

Enable file encryption
allowFolderDecryption Indicates whether the user is allowed to decrypt folders.

true,

false

Enable folder decryption
allowFolderEncryption Indicates whether the user is allowed to encrypt folders.

true,

false

Enable folder encryption
allowNetworkDecryption Indicates whether the user is allowed to decrypt network files.

true,

false

Enable network file decryption
allowNetworkEncryption Indicates whether the user is allowed to encrypt network files.

true,

false

Enable network file encryption
allowSelfDecryptable
FilesCreation
Indicates whether the user is allowed to create self-decryptable files.

true,

false

Enable creation of self-decryptable files
blockedExtensionsOn
Opening
Types of files that must first be decrypted before opening. List of extensions in .ext format N/A
confirmForEachFile If several files are being encrypted, indicates whether a confirmation is required for each file.

true,

false

Confirm encryption for each file
decryptionList Specifies the parameters of the automatic file decryption list. To use this list, refer to decryptionList section.

 

Decryption list
encryptHiddenFiles Indicates whether hidden files must be encrypted.

true,

false

Encrypt hidden files
encryptionList Specifies the parameters of the automatic file encryption list. To use this list, refer to encryptionList section.

 

Encryption list
exclusionList Specifies the parameters of the exclusion list. To use this list, refer to exclusionList section. Exclude list
fileFormat Format of the encrypted file.

sdsx,

sbox

Encryption format
readOnlyFilesEncryption

Indicates how to process read-only files.

treatAsUsual,

 

askConfirmation,

 

doNotEncryptBut
Notify, neitherEncrypt
NorNotify

Process normally like standard files,

Request confirmation,

Notify but do not encrypt,

Neither notify nor encrypt

decryptionList section

Files included in decryption lists are automatically decrypted at a predetermined time or when a predetermined event takes place. The following parameters are specified in the filePolicy.decryptionList section of the .json file.

Parameter Type Description Prescribed values SDMC
askConfirmation

Indicates whether a confirmation is required before automatic decryption.

true,

false

Ask confirmation before performing automatic decryption
displayReport Indicates whether to display a report after automatic decryption.

true,

false

Display report after performing automatic decryption
files List of files to decrypt automatically.

 

Files decrypted automatically
 

path: File path. To indicate several files, the “files” list must contain several objects, each with a different “path” property. For example:

"files": [
{
"path": "path1"
},
{
"path": "path2"
}
]
String File path
folders List of folders to decrypt automatically.

 

 
 

path: Folder path. To indicate several folders, this parameter must be used several times. See the "files" parameter.

String Folder path or mask
  recursive: Indicates whether sub-folders are included in the decryption list.

true,

false

Include sub-folders
masks List of masks to decrypt automatically. To indicate several masks, this parameter must be used several times. See the "files" parameter.

 

 
 

path: Mask path. To indicate several masks, this parameter must be used several times. See the "files" parameter.

String Folder path or mask
  recursive: Indicates whether sub-folders are included in the decryption list.

true,

false

Include sub-folders
onConnection Decrypts the list of files upon connection to SDS Enterprise.

true,

false

Decrypts automatically upon connection to the SDS Enterprise account
onScreenSaverOver Decrypts the list of files when screensaver stops.

true,

false

Decrypt automatically when screensaver stops
onSessionUnlock Decrypt the list of files when unlocking session.

true,

false

Decrypt automatically when unlocking session

encryptionList section

Files included in encryption lists are automatically encrypted at a predetermined time or when a predetermined event takes place. The following parameters are specified in the filePolicy.encryptionList section of the .json file.

Parameter Type Description Prescribed values SDMC
askConfirmation

Indicates whether a confirmation is required before automatic encryption.

true,

false

Ask confirmation before performing automatic encryption
displayReport Indicates whether to display a report after automatic encryption.

true,

false

Display report after performing automatic encryption
files List of files to encrypt automatically.

 

Files encrypted automatically
 

path: File path. To indicate several files, the “files” list must contain several objects, each with a different “path” property. For example:

"files": [
{
"path": "path1"
},
{
"path": "path2"
}
]
String File path
fixedTimesInSeconds List of times at which files are automatically encrypted. Expressed in number of seconds from 00:00. For example, 1:30 a.m. is represented by a value of 5400. List of positive whole integers N/A
folders List of folders to encrypt automatically.  
 

path: Folder path. To indicate several folders, this parameter must be used several times. See the "files" parameter.

String Folder path
  recursive: Indicates whether sub-folders are included in the encryption list.

true,

false

Include sub-folders
intervalMinutes Frequency with which files are automatically encrypted. Expressed in minutes. Positive integer. Automatic encryption frequency
masks List of masks to encrypt automatically.

 

 
 

path: Mask path. To indicate several masks, this parameter must be used several times. See the "files" parameter.

String Folder path or mask
  recursive: Indicates whether sub-folders are included in the encryption list.

true,

false

Include sub-folders
onDisconnection Enables list when disconnecting from SDS Enterprise.

true,

false

Encrypt automatically when disconnecting from the SDS Enterprise account
onScreenSaverStarted Enables the list when screensaver starts.

true,

false

Encrypt automatically when screensaver starts
onSessionLock Enables the list when locking the SDS Enterprise session.

true,

false

Decrypt automatically when locking session

exclusionList section

Using an exclusion list, you can exclude some files to prevent them from being encrypted by mistake. The following parameters are specified in the filePolicy.exclusionList section of the .json file.

Parameter Type Description Prescribed values SDMC
displayWarning Indicates whether a warning window must be displayed if an operation could not be completed because of the exclusion list.

true,

false

Display warning when encryption is rejected
files List of files to be excluded from encryption.

 

Files excluded from encryption
  askForConfirmation: Indicates whether confirmation must be requested for the encryption of excluded files.

true,

false

N/A
 

path: File path. To indicate several files, the “files” list must contain several objects, each with a different “path” property. For example:

"files": [
{
"path": "path1"
},
{
"path": "path2"
}
]
String File path
folders List of folders to be excluded from encryption.

 

Folders or masks excluded from encryption
  askForConfirmation: Indicates whether confirmation must be requested for the encryption of excluded folders.

true,

false

N/A
  path: Folder path. To indicate several folders, this parameter must be used several times. See the "files" parameter. String File path
  recursive: Indicates whether sub-folders are included in the exclusion list.

true,

false

Include sub-folders
masks List of masks to be excluded from encryption.

 

Folders or masks excluded from encryption
  askForConfirmation: Indicates whether confirmation must be requested for the encryption of excluded files.

true,

false

N/A
  path: Path of the mask with the "*.ext" extension to apply the mask. To indicate several masks, this parameter must be used several times. See the "files" parameter. String File path
  recursive: Indicates whether sub-folders are included in the exclusion list.

true,

false

Include sub-folders