ESET Online Help

Search English
Select the topic

Adding Device control rules

A Device control rule defines the action taken when a device, meeting the rule criteria, is connected to the computer.

config_devmon_rule_edit_dlg

Type a description of the rule into the Name field for better identification. Click the toggle next to Rule enabled to disable or enable this rule; this can be useful if you do not want to delete the rule permanently.

Device type

Choose the external device type from the drop-down menu:

Disk storage – Applies to any disk storage connected via USB, including external CD/DVD drives and conventional memory card readers

CD/DVD – Applies to internal CD/DVD drive connected via IDE or SATA

All device types – Includes all types above

Device type information is collected from the operating system. Use the lsdev utility to list connected devices and their attributes.

Because these devices only provide information about their actions and do not provide information about users, they can be blocked globally only.

Action

Access to non-storage devices can either be allowed or blocked. In contrast, rules for storage devices allow you to select one of the following rights settings:

Allow – Full access to the device

Block – Access to the device is blocked

Write Block – Only read access to the device

For Criteria type, select Device or Device group.

Additional parameters shown below can be used to fine-tune rules and tailor them to devices. All parameters are case-insensitive:

Vendor – Filter by vendor name or ID.

Model – The given name of the device.

Serial – External devices usually have their serial numbers. In the case of a CD/DVD, this is the serial number of the given media, not the CD drive.


note

Undefined parameters

If these parameters are undefined, the rule will ignore these fields while matching. Filtering parameters in all text fields are case-insensitive, and wildcards (*, ?) are not supported.


note

Device control logs

To view information about a device, create a rule for that type of device, connect the device to your computer and then check the device details using the lslog command-line utility with -l or --device-control parameter.

Logging Severity

Information – Records informative messages, including successful update messages, plus all records above.

Warning – Records critical errors and warning messages and sends them to ESET PROTECT.