The Device Control feature in Defense.com Endpoint Protection allows you to block many different types of devices from connecting to your endpoints, helping to prevent data exfiltration and malware infections.
Your Defense.com representative can help you define and apply blocking rules and exceptions to a vast range of device types such as USB flash drives, Bluetooth devices, storage devices, etc. These permissions can then be applied to your endpoint packages and deployed to your user devices.
Configuration options
With Device Control you have a variety of permission rules to choose from for each type of external device:
Allowed: the device can be used on the target endpoint.
Blocked: the device cannot be used on the target endpoint. In this case, each time the device is connected to the endpoint, the endpoint agent will prompt a notification stating that the device has been blocked.
Read-only: only the read functions can be used with the device.
Custom: different permissions can be applied for each type of port from the same device, such as Firewire, ISA Plug & Play, PCI, PCMCIA, USB, etc. For example, it is possible to block only USB devices and allow all the other external storage ports to be used.
Note: Connected devices that have previously been blocked are not automatically unblocked if the permissions are changed to 'Allowed'. The user must restart the system or reconnect the device to be able to use it.
Exclusions
In addition to setting the permission rules for different types of devices, you may want to exclude certain devices or product types from these rules. Device exclusions can be defined:
By Device ID, to designate individual devices that you want to exclude.
By Product ID, to designate a range of devices produced by the same manufacturer.
Your Defense.com representative can assist you with creating a list of device exclusions where required and ensuring that the changes are applied to your endpoint packages.