The Sophos Community will be offline for scheduled maintenance this Saturday, May 27th, at 13:00 UTC for approximately 1 hour. Apologies for any inconvenience caused.
"Wanna" ransomware outbreak. Please see this Sophos article sophos.com/kb/126733 for advice on how to protect your organization. Immediate action recommended.
Issue How to improve the performance of a computer running SafeGuard Data Exchange/File Encryption.
Known to apply to the following Sophos product(s) and version(s) SafeGuard Data ExchangeSafeGuard File EncryptionSafeGuard Cloud Storage
Operating systems All supported operating systems
1. The default 'Ignore Rules' should include all drives which you do not intend to be "file-based" encrypted. By default, the system and the bootvolume are automatically excluded. Additional drives can be added by modifying the following registry key: [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Utimaco\SGLCENC] "DefaultIgnoreRules"="c:\*.*;d:\*.*;"
2. Define applications which interfere with the SafeGuard File Encryption as "unhandled applications". Applications that are registered as "unhandled" are ignored by the SafeGuard Enterprise file-filter driver and file access, and are thereby excluded from transparent encryption/decryption. The 2 main sets of circumstances in which you would do this are where you have:
The full name of the executable file (optionally including path information) must be used to specify an exempted application. As of version 6.00, this is defined in the 'General Settings' policy
The full name of the executable file (optionally including path information) must be used to specify an exempted application.
As of version 6.00, this is defined in the 'General Settings' policy
3. Define System Ignore Rules for folders which are used for example to compile data (e.g. MS Visual Studio) or that contain databases.
System Ignore Rules apply to "transparent encryption" and also "initial encryption". That means that no file in a System Ignore Rule can be "initial encrypted" even if an "encryption rule" exists for this file. If there exists an encrypted file in a "System Ignore Rules" directory (maybe the System Ignore Rule was added later) the user just gets the encrypted data of the file.
If an administrator wants to add files or directories to the System Ignore Rules he has to add the following registry key:
Type:REG_SZ or REG_MULTI_SZ
Wildcards for filenames can be used, multiple values must be separated by a semicolon if REG_SZ is used:
Value Name Type Value IgnorePaths REG_MULTI_SZ c:\Program Files*.*
This example adds the two directories c:\Program Files and c:\Users\Public\Desktop as well as the file c:\Users\administrator\desktop.ini to the System Ignore Rules.
Note: The System Ignore Rules which are added by the Registry are always valid also for subdirectories!
Every comment submitted here is read (by a human) but we do not reply to specific technical questions. If you need technical support please post a question to our community. Alternatively for licensed products open a support ticket.