- The solution can perform real time scanning of all content prior to upload for instance(s) of forbidden keyword/phrases and file types, and can block or replace the violating content accordingly
- The solution can perform scheduled scanning of existing content which have been uploaded to the sites for instance(s) of forbidden keyword/phrases and file types, and can remove the violating content accordingly
- Each site collection can has its own filtering dictionary, containing the list of forbidden keyword/phrases and file types, and its own filtering profile, containing the list of actions to be taken for violating content based on scanning type, such as block, delete, remove content with error message, send email to content creator or modifier, etc. This is actually the main requirement since each site collection can be owned by different agencies and each agency has its own content policy. For example, some agencies might allow .avi content in their sites, while other agencies might prohibit them
- The content filtering can be performed on lists, list attachments, and document libraries for items where their iFilters are installed, including zipped items
- The solution provides audit trails for all the actions taken, such as block, delete, etc.
- The solution user interface is integrated with SharePoint Central Administration
Another possible solution is Microsoft Forefront Security for SharePoint, which provides both file type and keyword/phrases based content filtering. However, the filtering policy also cannot be applied at the site collection level. The granularity is at web application level.
After some researches, we finally found a suitable content filtering solution from AvePoint, a Microsoft Gold Certified Partner. The AvePoint Content Shield perfectly meets our requirements. They do have the capability the perform real time and scheduled scanning of all content based on both keyword/phrases and file types. Each type of scanning has its own actions that can be chosen for its filtering profile. For example, for real time scanning you might want to block or remove the content with error message for violating contents, while for scheduled scanning you might just want to delete the violating contents. The filtering dictionary and profile are configurable and the most important thing is it can be applied at a site collection level. Hence, different site collections can have their own filtering policy. From the user interface perspective, it is nicely integrated with Central Admin where we can also see the audit trails for the scanning and filtering activities there.
Below is the screen for AvePoint Content Shield administration in Central Administration:
Below is the screen where we can define content dictionary (keyword/phrases) that can be applied at different site collections later on:
Below is the screen where we can define file type dictionary that can be applied at different site collections later on:
Below is the screen where we can define our own filtering profiles that can be applied at different site collections later on: