Windows Server 2008 R2 is now in Release Candidate 1 and there are many new features available. This article looks at a file server feature that can allow organizations to classify new and existing files.
The File Classification Infrastructure (FCI) is designed to help administrators better manage and secure the files within their organization. The feature works by allowing administrators to assign meta data to files on their Windows 2008 R2 file servers.
FCI uses policies or rules to assign the meta data properties to data which meets specified conditions. Doing this allows the classification of existing data to be scheduled to happen during non business hours or off peak times.
What does meta data classification do for an organization?
Once data is classified using this technology, rules can be created to take action on the data that meets certain classification conditions. For example, suppose I create a classification property for business value. The selections for the property are High, Medium, and Low. I then create a rule to set this property as follows, files last modified over 365 days ago will be classified as Low, files last modified over 180 days ago and not in the D:\data\important folder will be classified as Medium, and files in the D:\data\important folder are classified as High. The rule to assign these properties is scheduled to run weekly, Mondays at 9:00am.
This will ensure on a weekly basis that files that are stored in the important directory get classified as such.
Once files are classified, other rules can be created to ensure that certain permissions are applied (or removed) from files with certain properties set.
You could, as an administrator, configure a rule to configure permissions on the D:\data\important folder to disallow anyone but top level management to see/access the files there. Scheduling this rule and action to fire on a weekly basis Monday afternoons could make sure important files are kept private without intervention.
Another use of this technology would be to expire (or move and hide) old files. A rule to check the file server for files last modified in 400 days and move them to a folder that only administrators can access can help clean up the server and keep disk space free.
This article is intended as a high level overview of the technology introduced by the File Classification Infrastructure. To get the feature working you will need to add the following roles to your Windows 2008 R2 Server.
File Server Role
File Server Resource Manager (FSRM)
The feature is a subset of utilities within the FSRM console and can be accessed by expanding the File Classification Infrastructure node there.
Because this feature is new to the Windows Server 2008 R2 release there are many features coming in the future, both created by ISVs and by Microsoft. The Expiration file rule is included to help provide out of box usability for the feature. Additional functionality will be available as the feature matures.
Classification rules can contain custom actions and run programs to take action on files that meet conditions specified when the rule is created. The technology is not limited to file expiration, but can be used to launch programs like XCopy or other useful tools against data.
Hopefully this article will encourage you to download the Windows Server 2008 R2 release candidate and test this functionality to see if it will be a fit for your organization. As I work with the product more, I will review the specifics of the feature and create real world usage examples. Note: The File Classification Infrastructure feature is only available in Windows Server 2008 R2.
This tutorial will walk an individual through the steps necessary to enable the VMware\Hyper-V licensed feature of Backup Exec 2012. In addition, how to add a VMware server and configure a backup job.
The first step is to acquire the necessary licen…
There are cases when e.g. an IT administrator wants to have full access and view into selected mailboxes on Exchange server, directly from his own email account in Outlook or Outlook Web Access. This proves useful when for example administrator want…