Working with File Classification
Applies To: Windows Server 2008 R2
Most applications manage files based on the directory they are contained in. This leads to complicated file layouts that require much attention from administrators and lead to frustration for users.
To reduce the cost and risk associated with this type of data management, the File Classification Infrastructure uses a platform that allows administrators to classify files and apply policies based on that classification. The storage layout is unaffected by data management requirements and the organization can adapt more easily to a changing business and regulatory environment.
Files can be classified in a variety of ways—today, classification is commonly performed manually. The File Classification Infrastructure in Windows Server 2008 R2 allows organizations to convert these manual processes into automated policies. Administrators can specify file management policies, based on a file’s classification, and automatically apply corporate requirements for managing data, based on business value. They can easily modify the policies and use tools that support classification to manage their files.
In this section:
Creating a classification property
Creating a classification rule
Setting up a classification schedule
Note
To set e-mail notifications and certain reporting capabilities, you must first configure the general File Server Resource Manager options.
Classification properties cannot be assigned to or retrieved from encrypted files. If a classified file becomes encrypted, it retains its classification properties; however, those properties cannot be retrieved until the file is decrypted.
Creating a classification property
Classification properties are used to assign values to files. There are many property types that you can choose from, and you can define them based on the needs of your organization.
The following table defines the available property types and the policy that is applied when a file is reclassified.
Property | Description |
---|---|
Yes/No |
A Boolean property that can be Yes or No. When multiple values are combined, a No value overwrites a Yes value. |
Date-time |
A simple date and time property. When multiple values are combined, conflicting values prevent reclassification. |
Number |
A simple number property. When multiple values are combined, conflicting values prevent reclassification. |
Multiple Choice List |
A list of values that can be assigned to a property. More than one value can be assigned to a property at a time. When multiple values are combined, each value in the list is used. |
Ordered List |
A list of fixed values. Only one value can be assigned to a property at a time. When multiple values are combined, the value highest in the list is used. |
String |
A simple string property. When multiple values are combined, conflicting values prevent reclassification. |
Multi-string |
A list of strings that can be assigned to a property. More than one value can be assigned to a property at a time. When multiple values are combined, each value in the list is used. |
Note
The Yes/No, Ordered List, Multiple Choice List, and Multi-string property types support aggregation, by which new property values can be added to existing values or replace values that are defined as having a lower priority. Date-time, Number, and String property types cannot be aggregated.
The following procedure guides you through the process of creating a classification property.
To create a classification property
In Classification Management, click the Classification Properties node.
Right-click Classification Properties, and then click Create property (or click Create property in the Actions pane). This opens the Classification Property Definitions dialog box.
In the Property Name text box, type a name for the property.
In the Description text box, add an optional description for the property.
In the Property Type drop-down list, select a property type.
Click OK.
Creating a classification rule
The following procedure guides you through the process of creating a classification rule that is used to automatically classify files. Each rule sets the value for a single property.
To create a classification rule
In Classification Management, click the Classification Rules node.
Right-click Classification Rules, and then click Create a New Rule (or click Create a New Rule in the Actions pane). This opens the Classification Rule Definitions dialog box.
On the Rule Settings tab, enter the following information:
Rule name. Type a name for the rule.
Enabled. This rule is only applied if you select the Enabled check box. To disable the rule, clear this box.
Description. Type an optional description for this rule.
Scope. Click Add to select a location where this rule will apply. You can add multiple locations, or remove a location by clicking Remove. The classification rule applies to all folders and their subfolders in this list.
On the Classification tab, enter the following information:
Classification mechanism. Choose a method for assigning the property value. The classification mechanisms are provided by a series of plug-ins that are included with Windows Server 2008 R2 or produced by you or an ISV.
Property name. Select the property that this rule will assign.
Property value. If the classification mechanism requests a specific value to set on files, select the property value that this rule will assign. Otherwise, this field is not enabled.
Optionally, click the Advanced button to select further options.
a. On the Evaluation Type tab, the Re-evaluate files check box is cleared by default. This means that the rule only applies to files that are not already classified for the property that is set by the rule. You can set the following options:
Re-evaluate files—not selected: A rule applies a default value for the specified property to a file if, and only if, the property on the file has not been set to any value.
Re-evaluate files—selected, and the Overwrite the existing value option is selected: The rule is applied to the files, if the file or classification mechanism is updated, every time the automatic classification process runs (ignoring any existing or default value for the property that is specified by the rule). For example, if a file has a Boolean property that is set to Yes, a rule that uses the folder classifier to set all files to No changes the property value to No.
Re-evaluate files—selected and the Aggregate the values option is selected: The rule is applied to the files if the file or classification mechanism is updated every time the automatic classification process runs. However, when the rule determines a value for the property file, it aggregates that value with the one already in the file. For example, if a file has a Boolean property that is set to Yes, a rule that uses the folder classifier to set all files to No leaves the property value set to Yes.
Note
Date-time, Number, and String property types cannot be aggregated. To view the definition and the aggregation policy of each available property type, see Creating a classification property.
b. To specify additional parameters that are recognized by the selected classification method, click the **Additional Classification Parameters** tab, enter the name and value, and then click the **Insert** button.
c. Click **OK** or **Cancel** to close the **Advanced** dialog box.
- Click OK.
Note
If multiple rules affect the same property for a given file, in general the values from those rules are aggregated together if the property type can be aggregated. However, rules that are set to Re-evaluate files with the Overwrite the existing value option selected, ignore the default values from rules that do not have the Re-evaluate files option selected. The exception is if another rule is selected with the Aggregate the values option, and it affects the same property.
Setting up a classification schedule
Classification of a large number of files can take time. For that reason, the File Classification Infrastructure only classifies files on a schedule that is set by the administrator or when an application requests the classification properties of a file.
To set up a classification schedule
In the console tree, right-click File Server Resource Manager, and then click Configure Options.
In the File Server Resource Manager Options dialog box, click the Automatic Classification tab.
Click Create and then, in the Schedule dialog box, click New.
Note
The default schedule is set for 9:00 A.M. daily. Because classification can be time consuming, you can adjust the schedule to run during periods of lower server usage.
Optionally, on the Settings tab, select the Stop the task if it runs for check box and specify the number of hours the task should run. For example, enter 5 to ensure that the classification process runs nightly from midnight to 5:00 A.M.
Click OK.