Exception Policy Settings
[Policy] > [Basic Decontamination Policy] > Setting [Exceptions]
Among the decontamination policies of the SHIELDEX File,'Exception' settingsis an item that allows for the circumvention of general security policies or defines exceptions in specific situations.
Exception settings allow for detailed control over the sanitization of documents or the import of originals based on file extensions and conditions.
⚠️ The permission to set the basic de-identification policy is granted to [Administrator Type - System Administrator], and
Administrator permission settings can be configured in [Administrator Settings] > [Account and Permission Management].
Detailed Description of Settings Items
| Policy Name | Description |
|---|---|
| Forced Import Settings for Specific Extensions | Specify the file extensions to be imported in their original state without decontamination, separated by semicolons. Input example) exe;bat;cmd; |
| Blocked Exception Settings for Unsupported Extensions | Unsupported extensions are handled by the 'Unsupported Extension Block Settings' value in the 'Common' tab, but extensions specified as exceptions in this item allow for the import of originals. Input example) log;tmp; |
| Extension Spoofing Prevention Exception Settings | Files with extension forgery are processed by the value of 'Extension Forgery Block Settings' in the 'Common' tab, but file formats (MIME types) specified as exceptions in this item allow the import of originals. Input example) application/zip;application/x-rar-compressed; |
| Unspecified File Extension Import Settings | Set the handling method for files without an extension. Files without extensions are considered to be of an unclear type for security reasons, so it is recommended to set up blocking. |
| Original Import Settings When Threat Elements Are Not Detected | Sets the handling of documents that do not contain threats such as OLE objects, macros, scripts, and ActiveX. Documents without threats can be brought back in their original state, preserving the format and content of the document. |
| Import Settings for Original When Decontamination Error Occurs | Set the handling method for cases where demilitarization cannot be completed normally due to demilitarization engine errors, processing failures, system exceptions, etc. |
| Original Import Settings on Timeout | Set the handling method for cases where the decontamination work is not completed within the time specified in 'Setting the Timeout Criteria'. (Items for which individual policy application is not possible) |
| Setting Timeout Criteria (Minutes) | Set the maximum time allowed for decontamination processing in minutes. If the specified time is exceeded, it will be processed according to "Original Import Settings on Job Timeout." (Items for which individual policy application is not possible) |
Input Rules and Precautions
- You must enter the extension.**Separated by semicolons (;)**must be entered without spaces.
- Setting the 'timeout criteria' is an important benchmark in actual demilitarization processing, so an appropriate time should be set based on performance testing.
- The import of 'files with unspecified extensions' can pose security vulnerabilities, so it should be configured carefully in conjunction with internal security policies.
Notes
- After the policy change, you can check the change history in [Policy Change History], and if necessary, you can also restore the policy.