Settings for local learning

Setting	Configuration options
Upload local whitelist to DriveLock Enterprise Service	Once created, you can have the local whitelist sent to the DriveLock Enterprise Service (DES), which maintains a list of all locally learned files. This list can then be used to generate hash rules. The default option is Disabled.
Start learning the local whitelist automatically	Use this setting to define whether local whitelist learning is started automatically (i.e. as soon as the corresponding policy is assigned to the DriveLock Agent) or by users. The default option is Enabled. Select Disabled if you want to wait until a user actively starts learning. This means that the user is responsible for the initial learning of the local whitelist. You can configure the settings of the agent user interface accordingly. To do so, go to the Global configuration node, select Settings and then the User interface settings sub-node and then Task bar notification area settings. Here you can add the context menu item Initial local whitelist learning. Keep in mind that application blocking is disabled in this case until the user has initiated learning.
Additional extensions learned for the local whitelist	You can specify additional file types in addition to the standard file types to add to the local whitelist. This is useful if an application uses a different file extension for a file type, or in order to learn scripts that are already running on the system.
Directories learned for the local whitelist	Typically, the files are learned from all local hard drives. You can specify that this is done in certain directories where the software to be learnt is found, for example the Programs directory. Enable the setting by specifying the directories in the list. It is also possible to exclude certain directories from learning. For example, we recommend explicitly excluding the directory C:\Windows\Servicing\LCU in order to accelerate the speed of application learning. Please also exclude C:\Windows\Temp so that not all temporary files are learned, which could pose a security risk under certain circumstances. In the Policy Editor in the DMC, proceed as illustrated in the figure:

Upload local whitelist to DriveLock Enterprise Service

Once created, you can have the local whitelist sent to the DriveLock Enterprise Service (DES), which maintains a list of all locally learned files. This list can then be used to generate hash rules. The default option is Disabled.

Start learning the local whitelist automatically

Use this setting to define whether local whitelist learning is started automatically (i.e. as soon as the corresponding policy is assigned to the DriveLock Agent) or by users.

The default option is Enabled.

Select Disabled if you want to wait until a user actively starts learning. This means that the user is responsible for the initial learning of the local whitelist. You can configure the settings of the agent user interface accordingly. To do so, go to the Global configuration node, select Settings and then the User interface settings sub-node and then Task bar notification area settings. Here you can add the context menu item Initial local whitelist learning.

Keep in mind that application blocking is disabled in this case until the user has initiated learning.

Additional extensions learned for the local whitelist

You can specify additional file types in addition to the standard file types to add to the local whitelist. This is useful if an application uses a different file extension for a file type, or in order to learn scripts that are already running on the system.

Directories learned for the local whitelist

Typically, the files are learned from all local hard drives. You can specify that this is done in certain directories where the software to be learnt is found, for example the Programs directory. Enable the setting by specifying the directories in the list.

It is also possible to exclude certain directories from learning. For example, we recommend explicitly excluding the directory C:\Windows\Servicing\LCU in order to accelerate the speed of application learning. Please also exclude C:\Windows\Temp so that not all temporary files are learned, which could pose a security risk under certain circumstances.

In the Policy Editor in the DMC, proceed as illustrated in the figure: