I hope someone can answer a question about folder security and replication. I am setting up an environment with full replication, where I am replicating only certain folders from Site A to Site B. For someone who works at Site B, is there a need to use folder-level security to keep them from accessing a file in a folder that is not replicated? Do they have a way of getting a copy of a file that is not in a replicated folder?
You will want to lock down those files via folder security. While limiting replication to certain folders will prevent automatic replication of those files, a user with read permissions can still download the file (which would result in an on-demand replication of the file).