This article explains SSProtect-managed content using the Managed Files/ Restore interface.
Introduction
You can add data to the protective scope of SSProtect many different ways, and one common method uses the context menu available from within Explorer. Right-click a plaintext data file, then choose SSProtect Activate. Your target file will then be protected, as evidenced by the resulting Red icon overlay that appears when the operation is complete.
As you add and remove files, you can review related information in the Managed Files/ Restore context menu item available by clicking the SSProtect notification tray icon that displays the following:
Host Listing
The first rendering of the Managed Files/ Restore - the Hostlist - displays data items actively managed by your Account. This list doesn't necessarily reflect every item you've ever managed, only the list of items you've protected and haven't since Removed.
Navigating Views: Versionlist and Archivelist
Use the buttons on the upper right of the file enumeration to switch from the Hostlist View to a detailed Versionlist and/ or Archivelist. The Versions... button uses the active selection to show you the history - and individual versions - of a managed item, whereas Archive... transitions to a list of all the items you've managed using Double or Hybrid Conversion.
Both views provide insight into :Recover Archive details, described in the article, Managing Archive Data. Note that most of the basic features, such as sorting*, filtering, and folder navigation, are commonly available in each of the Views. Also note that content is NOT refreshed when you navigate from one view to another. Use each panel's associated Refresh button to update content.
* Sort by clicking one of the column headers, though note that the Versionlist always displays file usage history - and Versions - in descending order, newest to oldest.
Context-based File Operations
In each View, you can choose one or more files from the List, then click active buttons to perform a variety of actions described below. Button state will transition based on context and availability. For example, the Versions... button only permits a single selection, thus transitions to disabled when a second item is added to the selection set. In other cases, specific choices preclude certain operations, for example choosing a file that hasn't been stored in the Archive disables the Restore button.
Multi-Select Operation
When you choose multiple files, button context reflects only the state of the last selected file in the selection set - which may be the file at the top of the list if you choose the lower bound first, then the upper bound (while holding the Shift key; use the Ctrl key to add individual items, creating a, "scattered" selection).
Navigating Multi-Select Context
If you wish to perform a single operation, such as Restore, on a set of files, and after choosing your selection set the button remains gray/ disabled, reverse the selection order (choose the top item first, then the bottom item, or vice-versa) or choose one less item in the set until you achieve the desired state. You can then follow with individual items to investigate causes for disabled target button state(s).
Hostlist Scope
The Hostlist, noted, displays files managed by your Account most often on the local host. Because SSProtect Profiles can be Remote Deployed, this isn't an absolute certainty. However, with natural/ common use on a single host, the list will more or less reflect the set of actively managed items you work with over time.
Removing Items from the Host List
Remove in the Hostlist takes the selected file(s) out of the list, though content remains protected (where applicable). Note that the Explorer Overlay Icon will turn from Red to Yellow for such files, indicating that content is no longer natively managed by your Account. If you subsequently open/ close the item, resulting in secured access, it will then be re-added to your local Hostlist and the Explorer Overlay Icon will change back to Red.
Date/ Time
Each listed file includes a Date/ Time, which is presently displayed using GMT to retain consistency with reports and other date/ time values. However, the resulting value may not be as expected.
Consider, for example, a (Missing) file, as depicted by the State column which, as noted below, indicates that a Protected file may have been removed during a period of time that SSProtect was not running (not to be confused with the lack of an active Login Session). In such cases, the Date/ Time value is as a result taken from the timestamp of the last known managed Version in the target file's historic progression.
Suppose you then Restore the file, and observe a Date/ Time value that's older than that for the previous (Missing) State. If you navigate with Versions... (using the file in question as the selection), you will probably find that the latest Version of the file happened to be, "created" by a sharing peer. As such, the Date/ Time you see after Restore matches the last qualified Version you can access, which will most often be the last Version you create (by saving/ closing the managed item).
Hostlist State
As noted above, the State column provides insight into managed content, with typical and standard States as follows:
- Protected - In an expected encrypted state, requiring authorization to access
- Deleted - A Protected file deleted from the local Host, or renamed
- Honeypot - A managed file serving as a Honeypot for access notification*
- Opened - at present being securely accessed in an Application
- Released - A Protected file subsequently removed from protective scope
* Only available when Honeypot controls are enabled. See the article, 2nd Generation Honeypots, for more information.
Protected content can also be in one of the following exception states, representing undesired or unexpected situations further described below:
- (Missing) - A Protected file missing though not due to rename/ delete
- (Changed) - A Protected file whose content has changed since last secured (closed)
- (No Access) - inaccessible, thus State not determined
- (DelNewPro) - Deleted yet present in a protected state (perhaps undeleted)
- (DelNewTxt) - Deleted, represented by a file not in a recognized protected format
- (UnkNewPro) - A file in Protected State though without a matching internal State
- (UnkNewTxt) - A file not in a recognized Protected State and without internal State
(Missing) and (Changed) files are not uncommon but not desired, and they can be the result of dynamics that take place while the :Foundation Client is not running. (No Access) is an indication of a problem with the file or with the previous transaction applied to it, and warrants further investigation by reviewing Host Debug Logs and :Assess Report data.
(DelNewPro) is less common but not necessarily of concern, since delete followed by undelete (undo in Explorer) can render this condition. This State, however, can result from other dynamics, and there is no deterministic way to resolve independent causes.
The last three states are not common, but again may come about as a result of dynamics with the :Foundation Client being shutdown. As such, host logs and :Assess Reports will not provide further insight, save confirmation that the client was not running when the file was last written.
Account Quota
On the bottom left of the display, you'll see a basic Quota summary showing the amount of stored space used against the total space available. If you are not using :Recover, this may read 0 MB of allocated space. It could however hold a positive value if you were at one time using :Recover, even if you aren't when displaying the present instance - Archive data is retained independent from enabling/ disabling :Recover.
Also note the Retaining reference. This is specific to Retention Policy, which along with :Recover KODiAC Cloud Archive details is further described in the :Recover Section, with Retention Policy detailed in the article, Archives, Quotas, and Retention Policy.
Sorting Columns
When you first pull up this display, files are listed by Date/ Time in descending order. Click any column header to sort by its' content, and click a second time to reverse the sort order. You can perform the same actions with the Archivelist (but not the Versionlist, as noted).
Managing Active Files
On the top left, above the file list, you'll see a row of buttons, which do the following:
- Clean - Removes unprotected/ unopened items from the list
- Opt Filter - Optimizes the Adaptive Filter, explained below
- Remove - Removes the selected file(s) from the list (does not unprotect)
- Refresh - Updates the list to reflect changes since originally displayed
Cleaning the Host List
When you execute a Clean operation, you are removing file entries for items no longer Protected/ Managed by SSProtect. The software will not remove these items independently - you must Clean (or Remove each one) else the item will remain in the Host List.
Cleaning the Shared List
When you perform a Clean operation, you may be prompted to remove the, "Shared List" and as a result be taken through a Refresh Login to establish a new, clean Session. This held more significance before Adaptive Filtering was released, though the operation is useful when troubleshooting. As such, unless specifically working with Support to investigate an issue, you can safely bypass this request by choosing No to the prompt.
Filtering for Content
You can limit any View by entering text in the Filter edit control, then pressing <Enter> or clicking Filter. All files that have an exact matching set of characters, in the same order however NOT case sensitive, will be displayed - other items will be masked. If you navigate to a different List, keep in mind that your Filtering entry remains intact, which can be momentarily confusing. Choose Clear to restore the full List for the given View.
Default Folder
The Default Folder is used when a target folder cannot be found or created, as required by an operation. For example, Restore attempts to place a target item in its' last known folder, and if it doesn't exist (and can't be created), the file is instead placed in the Default Folder.
This is also the folder that hosts non-native Replicate operations (a folder structure you can then move). It also serves as the default starting point for Reports, Keyfile Export, User Export, and other operations that store content on your behalf (with your interactive guidance).
Most importantly, your Default Folder serves as a potential point of indirection when using your Profile on multiple host computers, as described in the next section.
IMPORTANT: Host Folders are specific to each host computer from which you use your Profile. This is handled on your behalf as you make changes from each location.
Dynamic Default Folder
Dyn Default allows you to associate a portion of your managed content's path for redirection when you use your Profile (and associated/ managed content) to work on another host computer.
Consider for a moment that you've created data in D:\Data, then decide to Login to SSProtect on another host computer. What if it doesn't have a D:\ volume for you to use?
This case is of course handled by Remote Deployment, however can be simplified when using Dynamic Default Folder Redirection. This allows you to dynamically associate the original D:\Data Default Folder with a different location on other host computers - perhaps C:\Data - and continue working with content in native form.
Further information is offered in the article, Remote Profile Deployment.
Open Folder
Select a file then choose Open Folder to open File Explorer for the managed item. If the target file does not exist, SSProtect will attempt to open the last known folder in which the file was located. If this folder is not available, File Explorer will render the Default Folder. This is helpful for quickly navigating to items, both before and after Restore operations.
Restoring Files
When using :Recover, you can select one or more files then choose Restore (all Views) or Replicate (Archivelist) to Recover managed content.
Replicate differs from Restore in the way target location is determined and carried out. Details are available in the article, Restoring and Replicating.
Honeypots
When Honeypots are active, the primary Hostlist display contains two checkboxes at the top - one to Show Honeypots Only, and one labeled Honeypot to enable/ disable Honeypot behavior for a managed file. For more information, refer to the article, Deploying Honeypots.
Issues
Certain operations, though typically straightforward, can become complicated with very simple modification. Check your Host Debug Log for details related to each operation, as described in the article, Accessing Host Debug Logs.
Additional Resources
You can search this site for more information on various topics, or use this link to submit a specific request. You can also send email directly to support@definisec.com, and our staff will respond to your needs as soon as possible.
In the meantime, don't forget to check out our primary website and Insights columns for information on current trends, security topics, and how our technologies relate.
This article was updated w/ v9.6.1 of the :Foundation Client