Repairing a rule

Security rules are stored in a private file hidden in a folder. When a user accesses a folder secured by a rule, SDS Enterprise stores the content of this technical file in its account so that it can detect the following attacks:

  • Deletion of the technical file,
  • Modification of the rule by an unauthorized third party (e.g., adding or deleting a co-worker),
  • Replacement of the technical file with a file from another valid rule, but intended for a different folder.

Some of these events can also be the consequence, not of an attack, but of an exceptional use case such as the:

  • Deletion of the folder,
  • Creation of a new folder with the same name,
  • Definition of a new rule.

If an attack is suspected, SDS Enterprise will prohibit any access to the folder in question. To restore access:

  1. In Windows Explorer, right-click on the file and select Properties.
  2. Click on the Stormshield Data Security tab.
  3. Click on Restore to copy the rule stored in the account into the folder.
  4. Or click on Refresh to accept the rule set on the folder and copy it into the account.