File Integrity Monitoring Policy

File Integrity Monitoring lets you monitor files, folders, registry keys, or registry values for changes.

This monitoring helps you comply with security requirements like PCI DSS.

To set up a policy:

  1. Go to Server Protection > Policies.
  2. Create a File Integrity Monitoring policy or edit the Base Policy.
  3. Open the policy's Settings tab.
  4. Select Use File Integrity Monitoring.

By default, we monitor critical Windows system files. You can set up custom monitoring if you want to monitor other locations.

Note If you set up custom monitoring, we strongly recommend that you read the section below.

Custom monitoring

To monitor a location, do as follows.

  1. Go to Custom monitoring.
  2. Click Add location.
  3. In Add location, select the item Type.
    Note If you select Folder, we monitor the folder and the files in it by default. To monitor only the files in the folder, deselect Monitor changes to the folder as well as the files.
    Note If you select Registry Key, we monitor the key but not the values in it. You must use the location type Registry Value to monitor values.

    You can use variables.

  4. Click Add or Add Another.

To edit a location already in the list, click its path and update the details.

To delete a location from the list, click the cross on the right.

Monitoring exclusions

To exclude a location from monitoring, do as follows.

  1. Go to Monitoring exclusions.
  2. Click Add exclusion.
  3. In Add exclusion, select the item Type.
    Note If you select Folder, you exclude the folder and the files in it.
    Note If you select Registry Key, you exclude the key and the registry values within it.

    You can use variables.

  4. Click Add or Add Another.

To edit a location already in the list, click its path and update the details.

To delete a location from the list, click the cross on the right.