Microsoft File Classification with FSRM (File Server Resource Manager)

Pinterest LinkedIn Tumblr

Microsoft introduced the File Classification Infrastructure (FCI) in Windows Server 2008 R2 to help organizations classify data stored on Windows file servers. Using FCI, system administrators can set up rules that automatically classify files based on various factors, such as location or content. After classified, FCI can perform specified actions on them, such as moving them to a specified directory or encrypting them.

Step 1:install FSRM

FCI is part of File Server Resource Manager (FSRM), make sure that the FSRM server role is installed on your file server.Using the following PowerShell command we can install FSRM;

Add-WindowsFeature FS-Resource-Manager –IncludeManagementTools

Figure 1

After the successful installation you can verify that classification tab is available with any file;

Figure 2

Step 2: Create Classification Property

n the FSRM administrative tool, go to the Classification Management area.Expand Classification Management and click on Classification Properties.

In this simulation, we are doing to classify files with three security levels based on the file content.

Figure 3

If we examine any file’s properties on the file server from, you’ll see Classification tab that includes the File Classifications that we’ve created.

Figure 4

Step 3: Create Classification rule

Now that we’ve created a file classification, we can configure the classification to be applied to files automatically via a schedule or on an ongoing basis.In the FSRM administrative tool, go to Classification Rules under the Classification Management Area, and click on Create Classification Rule.

Figure 5

In the Scope tab, set the type of data and folders that will be scanned.

Figure 6

In the Classification tab, set the Classification method to Content Classifier. In Property, choose the classification and set the value. 

In Parameters, click Configure. In the Classification Parameters, you’ll have to set the logic that will be used for finding information inside files. 

In this simulation, we are going to classify files that include National ID numbers as secrets.
NIC pattern is nine (9) numbers with one (1) letter.
Regular Expression for that;

Figure 7

Step 4: Run the Classification rule and Evaluate

In this example i have insert NIC number(123456789v) for one document (doc4).

Figure 8

Finally, let’s test the classification rule. Suppose we have a folder called files that contains two files: one with a NIC number and the other without.
In File Server Resource Manager, in the Actions panel on the far right, click Run Classification With All Rules Now…
In the Run Classification dialog, select Wait for classification to complete and click OK.
A report will be displayed once the classification process is complete. The report below shows that one file has been classified, as expected.

Figure 9

Now we can see the evaluation results.

Write A Comment