Security policies

The Workbench has a security policy configuration that enables administrators to restrict users' access to things like:

Policies are specified in a file called that needs to be placed within the settings folder under the Workbench installation directory. Users without administrator access typically would not be able to change the contents of this file.

Each of the following keys within a file can be followed by either = allow or = deny. No file is present in a default Workbench installation, and thus by default, all the policies listed below are allowed.

Controls whether notifications for Workbench updates should be shown.
Controls whether notifications for plugin updates should be shown. Note that if plugin_download is set to "deny", plugin update notifications will not be shown, regardless of this setting.
Controls access to online sequence and structure search engines and some databases from third party providers. Depending on the Workbench being used, this includes Search for Sequences at NCBI (Image search_ncbi_sequence_16_n_p), Search for PDB Structures at NCBI (Image search_ncbi_pdb_16_n_p), Search for Sequences in UniProt (Image search_uniprot_sequence_16_n_p), Download Genomes (Image annotate_tracks_16_n_p) and Search for Reads in SRA (Image download_reads_ncbi_sra_16_n_p).
Controls whether tools performing BLAST at NCBI's servers should be available to users. This includes NCBI BLAST (Image blast_ncbi) run from the Toolbox and also from sequence selections.
Controls whether the Download BLAST databases (Image download_from_web_16_h_p) tool, which allows download of BLAST databases from NCBI's servers, should be available.
Controls whether the Plugin Manager should be available. Users will still be able to install plugin updates if plugin_download and plugin_version_check are allowed.
Controls whether plugins can be installed from a local file.
Controls whether plugins can be downloaded and installed via the Download Plugins tab of the Workbench Plugin Manager. Setting this policy to deny also stops checks for for updated plugins and the display of notification dialogs about available plugin updates during Workbench startup.
Controls whether the Manage Workflows dialog should be available.
Controls whether workflows can be installed from a file.
Controls access to the Link Variants To Structure (Image variantsin3d_16_n_p) and Download 3D Protein Structure Database (Image download_variantsin3d_16_n_p) tools, as well as whether the 'Link to Structure' links in variant tables should be enabled or not.
Controls whether anonymous information about the usage of the workbench is shared with QIAGEN, helping us improve our products. It is also possible to opt out of providing usage information on a per-user basis via a setting in the General section of the Preferences dialog.
Controls whether the Workbench should contact the server that distributes content for the Welcome Center.
Controls whether server-enabled tools, run directly or in the context of a workflow, can be run on a Workbench when it is connected to a CLC Server. It has no effect on tools that can be run only on a CLC Workbench or on the ability to download reference data to a CLC Server CLC_References location using the Reference Data Manager.

A sample file can be downloaded from This can then be placed in the settings folder and edited to contain the relevant values. The new policy will take effect next time the Workbench is started.