Adding Device control rules
A Device control rule defines the action taken when a device, meeting the rule criteria, is connected to the computer.
Enter a description of the rule into the Name field for better identification. Click the toggle next to Rule enabled to disable or enable this rule; this can be useful if you do not want to delete the rule permanently.
Device type
Choose the external device type from the drop-down menu:
•Disk storage – Applies to any disk storage connected via USB, including external CD/DVD drives and conventional memory card readers
•CD/DVD – Applies to internal CD/DVD drive connected via IDE or SATA
•All devices – Includes all types above
Device type information is collected from the operating system. Use the lsdev utility to list connected devices and their attributes.
Because these devices only provide information about their actions and do not provide information about users, they can be blocked globally only.
Action
Access to non-storage devices can either be allowed or blocked. In contrast, rules for storage devices allow you to select one of the following rights settings:
•Read/Write – Full access to the device
•Block – Access to the device is blocked
•Read Only – Only read access to the device
For Criteria type, select Device or Device group.
Additional parameters shown below can be used to fine-tune rules and tailor them to devices. All parameters are case-insensitive:
•Vendor – Filter by vendor name or ID.
•Model – The given name of the device.
•Serial – External devices usually have their serial numbers. In the case of a CD/DVD, this is the serial number of the given media, not the CD drive.
Undefined parameters If these parameters are undefined, the rule will ignore these fields while matching. Filtering parameters in all text fields are case-insensitive, and wildcards (*, ?) are not supported. |
Device control logs To view information about a device, create a rule for that type of device, connect the device to your computer and then check the device details using the lslog command-line utility with -l or --device-control parameter. |
Logging Severity
•Information – Records informative messages, including successful update messages, plus all records above.
•Warning – Records critical errors and warning messages and sends them to ESET PROTECT.