I recently got a chance to play around with file screens feature in Windows Server 2003 R2 and found it to be very interesting. Although it appears to be designed to provide general content control on a file server, it has some features that allow you to tightly control content in any directory.

Here are some highlights of what you can do:

• You could get an e-mail whenever there is any new content in your web directory
• Since file screening only prevents the creation of new files and doesn’t affect existing files, you can place specific executables in a directory but prevent any new executables from being placed there.
• The file masks can be a full filename so you can allow only files of certain names and nothing else.
• You could configure an ftp server to run a virus scan on any new files uploaded.
• You can even configure NTFS permissions or set other attributes for files that don’t exist–as soon as the file is created it runs a batch file to set the permissions

As you can see, this could potentially be a very powerful feature. There are a few quirks and it has the feel of a first-generation technology, but it certainly has potential.

Related posts

• No related posts.