To govern the exchange of information at the transport level,
configure access to communications protocols by setting appropriate
permissions. These permissions specify who can gain access to which
protocols and what level of access users have. Permissions can be
set on a per-user or per-group basis. The following access rights
are available for permissions associated with protocols:
- File Sharing:
Generic: Send/Receive Data
The right to access a file sharing site, to browse its contents and
to download files.
Generic: POST Requests The
right to submit Web form data, such as user comments to specific
files. This right does not control the login information entered
into the username and password form.
Generic: Outgoing Files The
right to upload files to a file sharing site.
SSL: Send/Receive Data The
right to access a file sharing site, to browse its contents and to
download files using SSL.
SSL: POST Requests The right
to submit Web form data, such as user comments to specific files
using SSL. This right does not control the login information
entered into the username and password form.
SSL: Outgoing Files The
right to upload files to a file sharing site using SSL.
- FTP:
Generic: Send/Receive Data
The right to connect to an FTP server, send and receive protocol
data, download files from an FTP server.
Generic: Outgoing Files The
right to upload files to an FTP server.
SSL: Send/Receive Data The
right to connect to an FTP server, send and receive protocol data,
download files from an FTP server using FTPS.
SSL: Outgoing Files The
right to upload files to an FTP server using FTPS.
- HTTP:
Generic: Send/Receive Data
The right to connect to a Web server, send and receive protocol
data, Web pages and objects on Web pages (such as scripts, Flash
files, JPEG, PNG, and GIF images, etc.), and download files.
Generic: POST Requests The
right to submit Web form data to a Web server using HTTP.
Generic: Outgoing Files The
right to upload files to a Web server using HTTP.
SSL: Send/Receive Data The
right to connect to a Web server, send and receive protocol data,
Web pages and objects on Web pages (such as scripts, Flash files,
JPEG, PNG, and GIF images, etc.), and download files using
HTTPS.
SSL: POST Requests The right
to submit Web form data to a Web server using HTTPS.
SSL: Outgoing Files The
right to upload files to a Web server using HTTPS.
- ICQ/AOL Messenger:
Generic: Send/Receive Data,
Outgoing Messages The right to connect to the ICQ and AOL
Instant Messenger server and to send and receive instant messages
and receive files.
Generic: Outgoing Files The
right to send files.
SSL: Send/Receive Data, Outgoing
Messages The right to connect to the ICQ and AOL Instant
Messenger server and to send and receive instant messages and
receive files using SSL.
SSL: Outgoing Files The
right to send files using SSL.
- IRC:
Generic: Send/Receive Data,
Outgoing Messages The right to connect to an IRC server and to
send and receive instant messages and receive files.
Generic: Outgoing Files The
right to send files.
SSL: Send/Receive Data,Outgoing Messages The right to connect to an IRC server and
to send and receive instant messages and receive files using
SSL.
SSL: Outgoing Files The
right to send files using SSL.
- Jabber:
Generic: Send/Receive Data,
Outgoing Messages The right to connect to a Jabber server and
to send and receive instant messages and receive files.
Generic: Outgoing Files The
right to send files.
- Mail.ru Agent:
Generic: Send/Receive Data,
Outgoing Messages The right to connect Mail.ru Agent to the
Mail.ru server and to send and receive instant messages and receive
files.
Generic: Outgoing Files The
right to send files.
- MAPI:
Generic: Send/Receive Data
The right to connect the Outlook client to Microsoft Exchange
Server and read e-mail.
Generic: Outgoing Messages
The right to send e-mail messages without attachments from the
Outlook client to Microsoft Exchange Server.
Generic: Outgoing Files The
right to send e-mail attachments from the Outlook client to
Microsoft Exchange Server.
- Skype:
Generic: Send/Receive Data
The right to connect to the Skype server and receive instant
messages and files.
Generic: Incoming Calls The
right to receive calls.
Generic: Outgoing Calls The
right to make calls.
Generic: Outgoing Messages
The right to send instant messages.
Generic: Outgoing Files The
right to send files.
- SMB:
Generic: Send/Receive Data
The right to access shared resources on an SMB server and to
download files/folders. Also, this right allows users of external
computers to connect to, browse the content of and transfer data to
locally shared resources on the computer where DeviceLock Service
runs.
Generic: Outgoing Files The
right to upload files to an SMB server. Also, this right allows
users of external computers to read local files/folders shared on
the computer where DeviceLock Service runs.
- SMTP:
Generic: Send/Receive Data
The right to connect to an SMTP server and to send and receive
protocol data.
Generic: Outgoing Messages
The right to send e-mail messages without attachments.
Generic: Outgoing Files The
right to send e-mail attachments.
SSL: Send/Receive Data The
right to connect to an SMTP server and to send and receive protocol
data using SSL.
SSL: Outgoing Messages The
right to send e-mail messages without attachments using SSL.
SSL: Outgoing Files The
right to send e-mail attachments using SSL.
- Social Networks:
Generic: Send/Receive Data
The right to have view access to a social networking site.
Generic: Outgoing Messages
The right to send messages, comments, posts, etc.
Generic: Outgoing Files The
right to upload media and file content to a social networking
site.
- Telnet:
Generic: Send/Receive Data
The right to connect to a Telnet server and to send and receive
protocol data.
- Web Mail:
Generic: Send/Receive Data
The right to access Webmail and read e-mail.
Generic: Outgoing Messages
The right to send e-mail messages without attachments.
Generic: Outgoing Files The
right to send e-mail attachments.
SSL: Send/Receive Data The
right to access Webmail and read e-mail using SSL.
SSL: Outgoing Messages The
right to send e-mail messages without attachments using SSL.
SSL: Outgoing Files The
right to send e-mail attachments using SSL.
- Windows Messenger:
Generic: Send/Receive Data,
Outgoing Messages The right to connect to the Windows Messenger
server and to send and receive instant messages and receive
files.
Generic: Outgoing Files The
right to send files.
- Yahoo Messenger:
Generic: Send/Receive Data,
Outgoing Messages The right to connect to the Yahoo Messenger
server and to send and receive instant messages and receive
files.
Generic: Outgoing Files The
right to send files.
To set the default permissions
In the upper-left pane of the
dialog box, under Users, click Set
Default.
The default permissions are assigned
to the Administrators and Everyone accounts.
To set permissions for an additional user or
group
1. In the upper-left pane of the dialog box, under
Users, click Add. The Select Users or Groups
dialog box appears.
2. In the Select Users or Groups dialog box,
in the Enter the object names to select box, type the name
of the user or group, and then click OK. The users and
groups that you added are displayed under Users in the
upper-left pane of the Permissions dialog box. To delete a
user or group, select the user or group, and then click
Delete or press the DELETE key.
3. In the upper-left pane of the Permissions
dialog box, under Users, select the user or group. You can
select multiple users or groups by holding down the SHIFT key or
the CTRL key while clicking them.
4. In the lower-left pane of the Permissions
dialog box, under User's Rights, select either Allow
or Deny to directly allow or deny the appropriate access
rights.
In the right pane of the Permissions
dialog box, you can set day and time restrictions that narrow user
access to the specified protocol(s). Use the left mouse button to
select days and hours when the selected user or group will have
access to the specified protocol(s). Use the right mouse button to
mark days and hours when the selected user or group will not have
access to the specified protocol(s).
NOTE: When selecting several protocols that have
different access rights, consider the following:the Permissions dialog box displays only those access rights
that are common to all selected
protocols.
If all access rights displayed in the Permissions dialog
box are allowed for the specified users, these users will have full
access to the selected protocols.
If all access rights displayed in the Permissions dialog
box are denied for the specified users, these users will have no
access to the selected protocols.
Some access rights depend on other rights. If you grant a
right that requires another right, the required right is granted
automatically. For example, if you grant only the Generic: Outgoing
Files right for the Social Networks and Web Mail protocols, the
following rights are granted automatically: Generic: Send/Receive
Data, Generic: Outgoing Messages, Generic: Outgoing
Files.
No Access permissions assigned to the Everyone account
take priority over permissions assigned to other
accounts.