Safeguard for Privileged Sessions supports Granular access control. Since SPS has full access to the inspected traffic, security managers can granularly control who can access what and when on the servers.
For example, they can selectively permit or deny access to protocol channels: enable terminal sessions in SSH, but disable port-forwarding and file transfers, or enable desktop access for RDP, but disable file sharing.
RDP-specific settings is controlled by the Channel Policy: The channel policy determines which RDP channels (for example clipboard, file-sharing, and so on) can be used in the connection, and whether they are audited or not.
Clipboard: Enables access to the server's clipboard: the clipboard of the remote desktop can be pasted into local applications (and vice-versa). If the Clipboard channel is enabled, it implicitly enables copying files as well, as the user can simply copy-paste the file.