Like in windows we can control copy-paste via powershell and can block network share , can we block SCP in linux, as there isn’t any specific exit point for it?
Hi Vishwa,
There are some differences in supported exit points across operating systems. PowerShell is Windows-only, Network Shares are supported on both Windows and Mac, and SCP is monitored across all three platforms. So yes, you can block file transfers on SCP on Linux.
If you need support for a specific application on a particular OS and an official version exists, feel free to submit a request in the Ideas section of the community.
Best,
Zoran
File transfers via SCP in Netwrix EPP for Linux environment are effectively detected and blocked.
Thank you for the explanation Zoran Cocoara
Thank you for your response Jeremy Gold.
I tested this on my linux machine. Selected all the exit points (SCP included then) also selected clipboard settings (all). File upload went through without being blocked and no logs were reported. Can you help @Zoran and @JeremyGold ?
Hi Vishwa,
Have you also selected any File Types or Sensitive Data (e.g. Predefined Content, Custom Content, Regex) from the Policy Denylist section? Endpoint Protector will block the transfer only if the data is defined as confidential under the Denylist section of the Content Aware Protection policy.
Also, please make sure you are testing with the latest Linux client version (2602).
If you followed all the instructions above and SCP transfers are still not capture, please open a support ticket and one of our engineers will assist.
Thank you,
Zoran
Yes we have both the file type and custom content set. We did SCP to a windows machine from a Linux machine, could that be an issue. The agent is the latest version.
Thank you for the additional details, seems like the policy is configured correctly.
Could you clarify the direction of the file transfer? Specifically, was the file copied from the Linux machine to the Windows machine, or from the Windows machine to the Linux machine?
The file was copied from a Linux machine, specifically rocky Linux, to a windows machine.
Altough Rocky Linux is not an officially supported Linux distribution, in my experience the CentOS agent works well on Rocky Linux. Anyway, if the rest of the features work as expected and the only issues you’ve encountered are with SCP transfer, I suggest opening a support ticket for an engineer to check what’s going on.
Best,
Zoran
Alright Thank You
It supports Rocky 8x / 9x well with RHEL 8x / 9x agents.
My customer use cases are over 2K+
Hello Jeremy,
I have got
Linux Client Version: 2602.3.3.0
Linux OS: Linux Red Hat Enterprise Rocky Linux 9.7
EPP server Version: Version 2602.0.1.0
and yet Linux to Windows SCP failed
Hello Zoran,
May I know if Linux - to - Windows SCP is supported or is it only Linux - to - Linux?
Hi Vishwa,
Linux to Windows SCP is supported. As a matter of fact, the destination is not relevant. What’s important is to initiate SCP from a computer where the EPP client is installed. If you have a hard time making it work, your best chance is to work with our technical support team on it.