Steps to block creation of certain file extensions in OfficeScan

sunhux used Ask the Experts™
I've seen an ex-colleague blocking file extensions from being created using a feature in McAfee
(can't recall the name).

Can someone provide the steps to do this in Trendmicro Officescan's management console?
What's this feature called in Officescan?
Watch Question

Do more with

Expert Office
EXPERT OFFICE® is a registered trademark of EXPERTS EXCHANGE®


Purpose is to mitigate against ransomwares which we felt is quite effective
Top Expert 2016

to be truly effective you'd have to block a lot of extensions (blacklist) or create a whitelist of extensions( shorter list)

Another method is to use how ransomware works against itself. Since ransomware tends to work alphabetically. So we create a honeypot and then block any file access that tries to rename or otherwise modify these files
Technical Designer
For ransomware they have settings which you may like to enable, but make sure that you test before implementing. Below is the article from TrendMicro you may follow to accomplish the same.

For denying creating some extension, this could be in Outbreak prevention, wherein you have to specify what files extensions are allowed to be modify, rest all would be blocked. See the article below for details:


Do more with

Expert Office
Submit tech questions to Ask the Experts™ at any time to receive solutions, advice, and new ideas from leading industry professionals.

Start 7-Day Free Trial