This article shows you how to Protect, Release, and Profile data in folders and/or subfolders all at one time.
Introduction
You can encrypt and decrypt files in Explorer by selecting between one and fifteen items on which to operate. After selecting, you can right-click and choose SSProtect Activate, or Shift-Right-Click then choose SSProtect Release. This executes the requested operation on each file, in parallel. If you have two-factor authentication enabled, you are prompted for each file's operation. Future releases will combine the 2nd-factor action into a single event.
If you want to convert more than fifteen items at a time, and/or you want to have the software automatically apply the operation to a folder and all items within all subfolders, use the Bulk Conversion interface available from the notification icon's context menu.
Bulk Conversion UI
The interface for Bulk Conversion, without Catalogs, is shown below (Catalogs are enabled/ disabled for Organization Users in User Administration):
Select the appropriate Protect or Release radio control, check Include Subfolders if you wish to recursively include subcontent, Browse to the target folder, then choose Protect (or Release) to begin. As noted, you will be given a warning if your Login Session is not suitable, though you can proceed.
Conversion will start immediately after you make your selection. SSProtect will first search the folder's items and all subfolders, computing the total number of items that are candidates for the chosen operation. The software will then proceed to begin the conversion, launching numerous external processes that operate in tandem.
Parallel Ops
Parallel Ops governs the number of Conversion processes executed in parallel. You can change this value prior to making your selection to fine-tune performance. If you have no other applications using significant amounts of CPU or disk access, you can usually select 4 Concurrent Operations for each processor in your host computer. The most typical optimum choice is to have half as many Concurrent Operations as you have target files, though this is often impractical. The default of 31 is often suitable.
Stopping Operation
Once operation begins, you will see conversion progress popups for files that pass the threshold for its' display. You can choose Cancel at any time to stop the process, though keep in mind that enqueued items must complete before the process is finished. This will result in a delay between executing the Cancel operation and actual completion.
When the operation is complete, check your Logfile and Explorer icon overlays for results.
2-Factor Authentication
Bulk Conversion uses 2FA Consolidation during execution, which utilizes a single 2FA acknowledgment that is then utilized to individually Authorize each and every Conversion operation in a Bulk sequence.
Note however that Catalog creation sometimes requires two 2FA acknowledgments, which is specific to the way in which Catalogs are created and an extension to normal Bulk Conversion activity.
Login Session Duration
If you are nearing the end of your SSProtect Login Session, the software will offer a warning, allowing you to Cancel the Bulk Conversion request before execution. This allows you to manually Refresh Login then re-submit your request to ensure its' operation completes before Session Timeout.
Note, however, that Session Timeout re-issues a Login prompt that will allow you to continue Bulk Operation after you re-authenticate. Even still, if you Cancel the Login Prompt, you can return at a later time and re-submit the same request. Because the software will re-enumerate items that do not match the intended state, this can be used to apply the same operation on any items that weren't completed in any prior attempt (assuming they weren't precluded for other reasons).
List Files
Check the List Files checkbox with Protect or Release radio controls to enumerate the set of files in the given folder (and subfolders, when Include Subfolders is checked) that would be processed for the given operation. Results are stored in the Host Debug Log, though no Conversion is executed with this operation. Once satisfied with scope by reviewing the presented log (in Notepad), you can proceed with the Protect or Release Bulk Operation as you see fit.
Log Details
Log Details is unchecked, by default. This suppresses the typical process-specific conversion instance details in the Host Debug Log. Conversion details include the process ID, the intended operation, and a few other items related to KODiAC Cloud Service connectivity. Check this box when you need to see individual details, though note that every file you convert in a Bulk transaction will place similar process-specific details in the Host Debug Log.
Opt Filter
Opt Filter is by default unchecked, since Refresh Login (starting with v10.5) automatically optimizes your Adaptive Filter. However, when performing Release operations on a target with numerous subfolders, this can be helpful in more immediately taking advantage of optimizations that reduce performance overhead. Check this box and, when results require Refresh Login to take effect, you will see a status indicator, SYNC FILTER, under the OK button. In most cases, this will result in a prompt to Refresh Login when you dismiss the Bulk Conversion dialog.
Note that SYNC FILTER state will remain present if you choose not to Refresh Login and you revisit the display. This indicator is the same indicator you may see in the Managed Files/ Restore Hostlist display. For more information, refer to the article, Managing Host Data.
Profiling
Use the Profile radio control to gain insight into the performance of your host. This utilizes a simple local conversion operation that's typically used when troubleshooting with Support.
Profiling takes a target folder, enumerates all files, and encrypts each one of them individually. This process does not use KODiAC Cloud Services, and encrypted content is not part of your protected data archive - this operation is only used to baseline certain aspects of the conversion process. Speak to your Support representative for more details.
Note that Profiling creates temporary results files that match the filenames of source material in the target folder, though with the extension, ".ssprof". These are removed on successful completion of a Profiling run, which is marked by the presence of a short performance summary on the Bulk operation display. If however the procedure is interrupted, you can safely remove these files manually.
Profiling and Performance Considerations
SSProtect carries out far more than encryption and decryption when Protecting content or Releasing existing protections. Profiling very closely mirrors aspects of this process not associated with network-bound cryptographic offloading, which is useful when investigating performance concerns. Results vary, depending on host computer loading, host architecture, the use of an SSD or a spinning hard drive, and even on the amount of free space remaining.
For details, contact your DefiniSec Representative, or refer to the information at the end bottom of this article for other options.
Operational Details
Note the following when performing bulk operations:
- Bulk operation applies to all items in the target folder (and optionally subfolders)*
- Operation proceeds in parallel, and each thread spins up a conversion process
- If three Conversions fail in succession, you will be prompted to Continue or Cancel
- You can navigate to the SSProtect notification icon and Exit during conversion
- You can navigate using OK to close the Bulk Conversion dialog, though any attempt to access other UI components will return to the Bulk Conversion dialog until operation completes and you subsequently exit the dialog.
- Bulk Conversion ignores Dynamic Switching prompts, automatically switching to Optimized Offloading when the Switch Threshold is exceeded. Refer to the article, Managing Your Account, for details.
- Bulk Conversion honors Integrity requirements, during Release operation first verifying the target file's integrity before proceeding. If the Integrity check fails, Bulk Release will place an event in the local Host Debug Log based on whether it attempts to (and fails or succeeds) decrypt the target (when your Account permits Integrity Override) or ignores the target file (when your Account does not permit Integrity Override). For more information, refer to the article, Operating Modes.
* Profiling is limited to a single target folder, and does not operate on subfolder data.
Additional Resources
You can search this site for more information on various topics, or use this link to submit a specific request. You can also send email directly to support@definisec.com, and our staff will respond to your needs as soon as possible.
In the meantime, don't forget to check out our primary website and Insights columns for information on current trends, security topics, and how our technologies relate.
This article was updated w/ v10.7.1 of the :Foundation Client