Skip to main content

This article applies to version 6.

Other available versions:

Cloud | Version 5icon.qnmark.png

Available in:

StandardPremiumEnterprise
Small Business
Code42 Support

Endpoint Monitoring settings reference

This article applies to version 6.

Other available versions:

Cloud | Version 5icon.qnmark.png

Available in:

StandardPremiumEnterprise
Small Business

Overview

This article contains a reference guide for settings used to enable endpoint monitoring for your entire Code42 environment. To access endpoint monitoring, navigate to Settings > Endpoint Monitoring.

Endpoint Monitoring

Endpoint Detection Settings

Item Description
a Removable media

Enables or disables scanning of file metadata on all removable media, such as USB drives or SD cards.

b Cloud service

Enables or disables detection of syncing files using these cloud storage apps:

  • Box
  • Dropbox
  • Google Backup and Sync
  • iCloud
  • OneDrive
    OneDrive for Business is not supported.
c

Browser activity
(version 6.5 and later)

 

File upload
(version 6.0.x)

Enables or disables detection of files opened in web browsers on Windows devices, such as uploading attachments to web-based email or downloading files from websites.

d File restore

Enables or disables detection of file-restore activity, such as restores of files belonging to other users.

e Pattern matching

Enables or disables detection of dangerous, malicious, or sensitive file metadata and file contents based on specified patterns using the YARA rule framework. Pattern matching requires creating a YARA rule file and manually deploying it to each user device. Unlike the other types of endpoint monitoring, pattern matching only searches files included in the user's backup file selection.

Pattern matching can scan for MD5 hash and filename matches on any file, but does not extract file contents of binary or compressed files. Practically speaking, this means pattern matching only searches the contents of plain text files, unless you create a rule targeting a specific binary string.

Google Drive File Stream activity not detected by endpoint monitoring
Google's Drive File Stream retrieves files by mounting a temporary internal drive partition on the user's device and streaming files to the temporary drive. The Code42 app only monitors file movement to external drives, so it does not detect this activity.

Learn more: Code42 Education Pass training videos

We also have a training module about the Code42 Security Center. The module is 4 videos that are 5–8 minutes long. These videos cover how to enable endpoint monitoring, review security events, and monitor user activity to help you protect against internal and external threats to your organization’s intellectual property.

If you already have a Code42 Education Pass, watch Code42 Security Center. Otherwise, email education@code42.com to learn more about how to get access to training videos