Skip to main content

Targets

Targets let you define the scope a File Protection Policy where it will be executed. Targets provide a straightforward way of creating a set of rules for a file repository. To access Targets, go to Policies > Targets.

The following actions can be performed on every target:

  1. Edit – Allows you to edit the information of the selected target.

  2. Delete – Click this button if you want to delete the selected targets.

  3. Clone – Allows you to copy the configuration of an existing target, which can be edited without impacting the original one.

  4. Status – Shows status information of target, including compliance of devices and findings in file repository.

You can view the graphical representation of this data by clicking Data Risk Assessment button. On clicking this button, you will be redirected to the Target Status screen where the following charts are displayed:

Name of the Chart

Description

Total Files Scanned

This chart displays the total count of files scanned.

Total Data Scanned

This chart displays the total size of files scanned. 

Sensitive Files Found

This chart displays the total number of files found to be sensitive in nature. 

Sensitive Data Found

This chart displays the total size of data found to be sensitive in nature. 

File Distribution

This chart compares the count of sensitive versus non-sensitive files. 

Data Distribution

This chart compares the size of sensitive and non -sensitive data. 

Top 5 Patterns

This chart displays the top 5 patterns found along with the total count of files attributed to each pattern. 

Top 5 Users with Sensitive Data

This chart displays the top 5 users with the most sensitive data along with the total count of files attributed to each user. 

Top 5 Devices with Sensitive Data

This chart displays the top 5 devices with the most sensitive data along with the total count of files attributed to each device. 

Files < 1 year

This chart displays the total count of files whose last modified date was less than a year. 

Files > 1 year & < 5 year

This chart displays the total count of files whose last modified date was greater than a year and less than 5 years. 

Files > 5 year

This chart displays the total count of files whose last modified date was greater than 5 years. 

Count of Retention Data Distribution

This chart displays overall distribution of files based on their last modified date. There are three types of retention period:

  • Files < 1 year

  • Files > 1 year & < 5 years

  • Files > 5 years 

Size of Retention Data Distribution

This chart displays overall size distribution of files based on their last modified date. There are three types of retention period:

  • Files < 1 year

  • Files > 1 year & < 5 years

  • Files > 5 years 

Top 5 Locations Retaining Old Data

This chart displays the top 5 locations of data with last modified date greater than 5 years along with the total count of files scanned.

Top 5 Users Retaining Old Data

This chart displays the top 5 users who have data with last modified date greater than 5 years along with the total count of files scanned. 

Top 5 Devices Retaining Old Data

This chart displays the top 5 devices having data with last modified date greater than 5 years along with the total count of files scanned.

Following is the description of all the columns shown under the Status screen.

Column Name

Description

Compliance

This field specifies whether the target is compliant or not. The green circle indicates that the PEM Agent has received latest policy changes and red circle indicates that the PEM Agent has not received the latest policy changes for the PEM Administrator.

Status

This field indicates any issue occurred in the agent. Possible issues might be invalid configuration, invalid path, or location.

Progress

This field displays the progress of scanning in percentage.

Estimate

This field displays the estimated time the target will complete the processing. The estimate is generated by using the elapsed time since remediation started and the number of files that have yet to be processed. It does not consider what processing or remediation action are being performed, the fact that some file types take no longer to process/remediated, nor the size of the files.

Device

This field displays the name of the device(s) on which policy is executed.

Owner

This field displays the name of the owner of the device.

Size

This field displays the total size of the files which are selected for scanning.

Files

This field displays the total count of files scanned.

Folders

This field displays the total count of folders scanned.

Sensitive Size

This field displays the total size of the files which were found to be sensitive in nature. If a file was discovered as sensitive but remediated by encryption or redaction, the file will not be considered sensitive and will not be counted.

Sensitive Files

This field displays the total count of the files which were found to be sensitive in nature. If a file was discovered as sensitive but remediated by encryption or redaction, the file will not be considered sensitive and will not be counted.

Retention Size < 1 year

This field displays the total size of the file(s) whose last modified date is less than a year.

Retention Files < 1 year

This field displays the total number of the file(s) whose last modified date is less than a year.

Retention Size > 1 year & < 5 years

This field displays the total size of the file(s) whose last modified date is greater than a year and less than 5 years.

Retention Files > 1 year & < 5 years

This field displays the total number of the file(s) whose last modified date is greater than a year and less than 5 years.

Retention Size > 5 years

This field displays the total size of the file(s) whose last modified date is greater than 5 years.

Retention Files > 5 years

This field displays the total number of the file(s) whose retention period is greater than 5 years.

Filtered Size

This field displays the total size of the files filtered by the targets file filter.

Filtered Files

This field displays the total count of files filtered by the targets file filter.

Filtered Folders

This field displays the total count of folders filtered by the targets file filter.

Errored Files

This field displays the total count of files which were not processed due to some error.

Last Reported

This field displays the date when the agent last reported back to the PEM Administrator.

The Persistent Targets panel displays the list of all targets defined in the PEM Administrator. The following is the description of the columns.

Column Name

Description

Name

This field displays the name of the target.

Enabled

This field indicates whether a target is enabled.

Users/Groups

This filed displays users/groups assigned to the target.

Pool

This field displays distributed app pool assigned to the target.

Platform

This field indicates the platform associated with the target.

Rank

This field contains the target rank; only applicable if a distribute app pool is assigned.

Paths

This field contains the exact path of the file folder the target will run against.

Updated At

This field display the date when target was last updated.

To Add a Persistent Target

To add a Persistent Target, the following attributes needs to be configured:

Attributes

Description

Name

Enter the name of the target. This must be descriptive.

Comment

Enter any additional information in this field, if required.

Enabled

Indicate if target should be enabled on save.

Platform

There are different platforms on which targets are supported i.e., Windows, Linux and OSX. OSX is not available when a distributed app pool is selected.

System Discovery

Check this checkbox if you want to create a system discovery target. System Discovery Targets will be synced to any device with a System Agent installed. Only one System Discovery Target can be created for each platform. System Discovery can be performed on Windows, Linux or MacOS platforms.

Users/Groups

This field displays the list of identity accounts in PEM Administrator. To search users, you can make use of Advanced Definitions feature. Must be left blank if a distributed app pool is selected.

Distributed App Pool

The drop-down display the list of all Distributed App Pools based on the type of platform selected. Must be left blank if users/groups are assigned.

Local Path(s)

This field contains the exact path of the folder where the file protection policy should be applied. When a distributed app pool is selected, each of the specified paths must exist on all of the machines in the specified distributed app pool and must refer to the same underlying storage volume.

  1. ${@all@} – this will scan all logical drives on the system.

  2. ${@desktops@} – this will scan all the sub folders and files kept in the ${@homes@}\Desktop folder on the system.

  3. ${@downloads@} – this will scan all the sub folders and files kept in the ${@homes@}\Downloads folder on the system.

  4. ${@documents@} – this will scan all the sub folders and the files kept in the ${@homes@}\Documents folder on the system.

  5. ${@shares@} – this will scan all the sub folders and files kept on the file system shares but does not include administrative share.

  6. ${@homes@} – this will scan all sub folders and files kept inside profiles directory.

File Protection Policy

The drop-down displays the list of all protection policies which are defined in the File Protection Policy page. If the System Discovery is checked the file protection policy selected must only have a report remediation. All other remediations are not supported in a System Discovery Target.

Rank

By default, the value is set to 0 (zero). Lower number means highest ranking. When a Distributed App Pool is selected, rank is used to create a priority list of targets.

Scan Only Mode

When checked the filesystem watcher is disabled and files are only picked up during periodic scan when sweep interval elapses.

Sweep Interval

This option is a secondary scan which runs to ensure that all the files are processed. Sometimes there is a possibility that system under extremely high load will not expose the correct file system event to PK Protect. Due to this reason, the file will not get processed.

The time interval specifies how often a secondary scan should run. The default setting is 84,600 second i.e., 1 Day.

Enable Scheduling

Select Enable Scheduling to configure the target scheduling options. The following option are available:

  • Start Time and Pause Time – Select the time in the Start Time and Pause Time fields. This identifies the time range during which the target will run the time is based on the agent.

  • Passive Mode – This queues the file(s) to be processed later if they-re encountered outside of the scheduling range.

JavaScript errors detected

Please note, these errors can depend on your browser setup.

If this problem persists, please contact our support.