WIKI: How to define a list of device classes that should be blocked on endpoints?

Step [1]: Go to ITSM > CONFIGURATION TEMPLATES and click Profiles menu

Step [2]: Click ‘Create’ icon and Select Create Windows Profile from the drop-down

Step [3]: Fill the form ‘Create Windows Profile’ and submit

  • Name - Enter the name of the profile you want. Example: External Device Classes to be blocked on End-Point
  • Description - Enter the description of the profile. Example: this is to block external devices accessing End-Point
  • Click Create button

Step [4]: Click ‘Add Profile Section’ icon and Select External Devices Control from the Drop-Down

Step [5]: Fill the form External Device Control

  • Enable Device Control - This option blocks devices of a client computer from accessing, such as USB drives, Bluetooth devices, printers, and serial and parallel ports.
  • Log Detected Devices - To log detected devices then and there
  • Show notifications when devices disabled or enabled - To get notification from the ITSM for your endpoint, check the option enabled

Step [6]: If you would like to block the device classes, Click Add icon

  • Select the Device Classes from the list of Pop-Window and Click OK button
  • Select the device classes. Example: Smart card readers, Ports
  • Click OK button

Step [7]: Check if you have the list of selected device classes are added into the blocked list table

Step [8]: *In case, you would like to delete the added classes into the blocked list, No worry we have Delete option to remove from there.

  • Select the Device Classes and Click the Delete icon
  • Confirm the Device Class Remove Window

Step [9]: If you would like to don’t block the device classes

  • Click the Exclusion tab
  • Click Add icon

Step [10]: Fill the form Add Exclusion

  • Enter Device Custom Name. Example: Mobile
  • Enter the Device ID. Example: 4D36E967-E325-11CE-BFC1-08002BE10318
  • Click Add button

Step [11]: *In case, you would like to delete the item from the exclusion list, follow the steps below

  • Select the item from the Exclusion table
  • Click Delete icon
  • Confirm the Alert Window Exclusion Remove

Step [12]: Click ‘Save’ button to apply changes.

**Use the defined profile with devices you want to block external device access.