Configure monitored folders

as mentioned in the overview section of the main page of this administrative guide, file encryption works by having an input folder where you move files to be encrypted and an output folder where you move the files after encryption this process requires monitoring the input folder for new file uploads we support the following folder monitoring methods {{k}} monitored folders and agent monitored folders in both scenarios, encryption occurs on the {{k}} {{k}} monitored folders with {{k}} monitored folders, the {{k}} mounts to a folder share by using sftp or cifs then, you create a file encryption profile on the {{k}} that defines what folder to monitor, the parameters of what to encrypt, and where to save the file after encryption (either locally in a data partition on the {{k}} or on a folder share) perform the following steps to configure a {{k}} monitored folder go to data protection > file encryption and select \[ add ] in the info tab of the file encryption profile window, notice that in the key mode drop down list, you can select version 1 or version 2 if you select version 1 , when you select \[ choose ] in the key field, you can see and select only file encryption v1 keys if you select version 2 , when you select \[ choose ] in the key field, you can see and select only file encryption v2 keys after entering a name for the file encryption profile and selecting a file encryption key, go to the input tab refer to the file encryption techniques section of this guide to understand the differences between file encryption v1 and file encryption v2 keys in the input tab, select a file share in the source drop down list for instructions on configuring a file share, refer to the {{k3}} user guide when you select a file share as the source , the following fields display field description extension the {{k}} determines which files to encrypt within a directory based on the file extension in this field, specify a valid file extension (such as txt , pdf ) directory select \[ browse ] , and in the file browser, select the input directory you want the {{k}} to monitor subfolders select this checkbox if you want the {{k}} to also monitor subfolders in the main input directory delete original select this checkbox if you want the {{k}} to delete the original unencrypted file after the encrypted version of the file is moved to the configured output directory exclude add the names of all files and folders in the input directory that you want the {{k}} to exclude from encryption note asterisks represent a wildcard character for example, an exclude pattern could be entered as somedir/someotherdir/ txt the path is relative to the input directory in the output tab, the following fields display if you select a file share as the input source in the previous step field description destination in this drop down list, you can select either local or a configured file share if you select local, encrypted files are stored in a data partition on the {{k}} itself, and you can export them by right clicking the file encryption profile and selecting export extension specify the file extension you want to use for encrypted files (such as enc ) directory the \[ browse ] button is active only if you selected a file share as the destination in this case, select \[ browse ] , and in the file browser, select the output directory where you want the {{k}} to save encrypted files overwrite in this drop down list, you can select either disabled , overwrite , or version if you select disabled and a file exists in the output directory under the same name, the {{k}} does not overwrite the existing file if you select overwrite , the {{k}} overwrites the existing file if you select version , the {{k}} saves versions of files under different names include path if you select this checkbox, file headers include the full file path rather than the original file name only select \[ ok ] to finish creating the file encryption profile agent monitored folders with agent monitored folders, you can deploy an agent (a lightweight application running on a windows or linux system) on servers or individual workstations then, administrators can configure them on an individual basis by using a gui based application or for batch deployment by using a configuration text file just as with {{k}} monitored folders, you must create a file encryption profile on the {{k}} that defines what folder to monitor, the parameters of what to encrypt, and where to save the file after it is encrypted the difference is that the input and output folder locations for agent monitored folders are both on the server or workstation that is running the agent perform the following steps to configure an agent monitored folder go to data protection > file encryption , and select \[ add ] in the info tab of the file encryption profile window, notice that in the key mode drop down list, you can select version 1 or version 2 if you select version 1 , when you select \[ choose ] in the key field, you can see and select only file encryption v1 keys if you select version 2 , when you select \[ choose ] in the key field, you can see and select only file encryption v2 keys after entering a name for the file encryption profile and selecting a file encryption key, go to the input tab refer to the file encryption techniques section of this administrative guide to understand the differences between file encryption v1 and file encryption v2 keys in the input tab, select agent in the source drop down list when you select agent as the source , the following fields display field description extension the agent determines which files to encrypt within a directory based on the file extension in this field, specify a valid file extension (such as txt, pdf ) directory enter the full path to the input directory you want the agent to monitor subfolders select this checkbox if you want the agent to also monitor subfolders within the main input directory delete original select this checkbox if you want the agent to delete the original unencrypted file after moving the encrypted version of the file to the configured output directory requires authorization select this checkbox if you want to require the agent to authenticate to the {{k}} with an identity that has been granted file encryption permissions exclude add the names of all files and folders in the input directory that you want the agent to exclude from being encrypted note asterisks represent a wildcard character for example, you can enter an exclude pattern as somedir/someotherdir/ txt the path is relative to the input directory hostname whitelist add the hostnames of all computers and servers running the file encryption agent in the output tab, the following fields display if you selected agent as the input source in the previous step field description destination this field is grayed out because the only supported destination for agent based monitoring is on the computer/server running the agent extension specify the file extension you want to use for encrypted files (such as enc ) directory enter the full path to the output directory where you want the agent to save encrypted files overwrite in this drop down list, you can select either disabled , overwrite , or version if you select disabled and a file exists in the output directory under the same name, the agent does not overwrite it if you select overwrite , the agent overwrites the existing file if you select version , the agent saves versions of files under different names include path if you select this checkbox, file headers include the full file path rather than the original file name only select \[ ok ] to finish creating the file encryption profile