SafeGuard LAN Crypt Administration v.3.6x and above
All supported operating systems
How and when should you use the Ignore and Exclude path within a SafeGuard LAN Crypt profile?
This option is primarily used for files that are accessed very frequently, and that there is no particular reason to encrypt. This improves system performance.
You can create an ignore and Exclude rule within a SafeGuard LAN Crypt profile. SafeGuard LAN Crypt simply ignores files affected by encryption rules of this kind.
The Ignore Rules are defined in the SafeGuard LANCrypt Administration. This can only be done be a LAN Crypt Security Officer.
If a specific application, device, or drive is causing a BSOD, the specific device, drive or the "Program Folder" of that application can be ignored.
Security officers can exclude individual (network) disk drives from the encryption process by creating an encryption rule for this purpose.
Ignore vs. Exclude Rules
SafeGuard LAN Crypt profiles may have two different levels of not encrypting files and folders.
“Exclude” means that the filter driver does not encrypt data in certain paths. However, the filter driver still inspects all data in those paths and transparently decrypts them if a file is encrypted there, or prevents access if the user does not possess the key.
Exclude rules are used to exclude encrypted files in certain folders, e.g. folders which never will be encrypted.
“Ignore” is much stronger. It tells the filter driver not to inspect such a path at all. If encrypted files are inside such folders, they are not decrypted.
This option is used primarily for files which are accessed frequently and do not require encryption. This improves system performance, because SafeGuard LAN Crypt will not do any checks and access control for ignored rules. Files inside ignored folders don’t get encrypted.