WIKI: How to define a list of device classes that should be blocked on endpoints?

1

Step [1]: Go to ITSM > CONFIGURATION TEMPLATES and click Profiles menu

Step [2]: Click ‘Create’ icon and Select Create Windows Profile from the drop-down

Step [3]: Fill the form ‘Create Windows Profile’ and submit

  • Name - Enter the name of the profile you want. Example: External Device Classes to be blocked on End-Point
  • Description - Enter the description of the profile. Example: this is to block external devices accessing End-Point
  • Click Create button

Step [4]: Click ‘Add Profile Section’ icon and Select External Devices Control from the Drop-Down

step_1.png
step_1.png1600×900 148 KB

step_2.png
step_2.png1600×900 154 KB

step_3.png
step_3.png1600×900 128 KB

step_4.png
step_4.png1600×900 79 KB

2

Step [5]: Fill the form External Device Control

  • Enable Device Control - This option blocks devices of a client computer from accessing, such as USB drives, Bluetooth devices, printers, and serial and parallel ports.
  • Log Detected Devices - To log detected devices then and there
  • Show notifications when devices disabled or enabled - To get notification from the ITSM for your endpoint, check the option enabled

Step [6]: If you would like to block the device classes, Click Add icon

  • Select the Device Classes from the list of Pop-Window and Click OK button
  • Select the device classes. Example: Smart card readers, Ports
  • Click OK button

Step [7]: Check if you have the list of selected device classes are added into the blocked list table

step_5.png
step_5.png1600×900 77 KB

step_6.png
step_6.png1600×900 127 KB

step_6.1.png
step_6.1.png1600×900 117 KB

step_7.png
step_7.png1600×900 85.1 KB

3

Step [8]: *In case, you would like to delete the added classes into the blocked list, No worry we have Delete option to remove from there.

  • Select the Device Classes and Click the Delete icon
  • Confirm the Device Class Remove Window

Step [9]: If you would like to don’t block the device classes

  • Click the Exclusion tab
  • Click Add icon

step_8.png
step_8.png1600×900 88.6 KB

step_8.1.png
step_8.1.png1600×900 86.9 KB

step_8.2.png
step_8.2.png1600×900 87.3 KB

step_9.png
step_9.png1600×900 76.5 KB

4

Step [10]: Fill the form Add Exclusion

  • Enter Device Custom Name. Example: Mobile
  • Enter the Device ID. Example: 4D36E967-E325-11CE-BFC1-08002BE10318
  • Click Add button

Step [11]: *In case, you would like to delete the item from the exclusion list, follow the steps below

  • Select the item from the Exclusion table
  • Click Delete icon
  • Confirm the Alert Window Exclusion Remove

step_9.1.png
step_9.1.png1600×900 80.2 KB

step_10.png
step_10.png1600×900 80.1 KB

step_10.1.png
step_10.1.png1600×900 85.1 KB

step_11.png
step_11.png1600×900 85 KB

5

Step [12]: Click ‘Save’ button to apply changes.

**Use the defined profile with devices you want to block external device access.

step_11.1.png
step_11.1.png1600×900 81.4 KB

step_11.2.png
step_11.2.png1600×900 81.7 KB

step_12.png
step_12.png1600×900 79.8 KB