This section contains information about Device Control and instructions on how to configure the component settings.

ManuelTitoMiguel 2 views 21 slides Mar 01, 2025

About This Presentation

Kaspersky


Slide Content

Device Control

Why Device Control is necessary
This component manages access to devices and thus helps reduce the attack surface. You can allow full access to trusted devices and temporary access to other devices upon request. It manages access to Wi-Fi networks. It allows you to flexibly restrict access to data storage devices based on various criteria: account, operation type (read, modify), and schedule. It can block the entire connection bus or access to specific types of external devices.

Configure Device Control
You can allow connecting devices by type or by bus.

Connection buses
All buses are allowed by default. Device types have priority over buses: a device will work if its type is allowed and its bus is prohibited.

Device types
These conditions have a higher priority than conditions for buses. Rules for printers: local, network.

Rules for devices
For storage devices, you can flexibly set up a rule with a schedule for a particular user, taking into account types of file operations.
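The precedence described in the last three slides, as an added Python sketch that is not Kaspersky code and not part of the original presentation: a storage rule (user, operation, schedule) is checked first, then the device type setting, then the bus. The class and field names, the sample policy, the default-deny behaviour outside a storage rule, and the fall-through to the bus when no type setting exists are assumptions made for illustration.

```python
from dataclasses import dataclass, field
from datetime import datetime, time

ALLOW, BLOCK = "allow", "block"


@dataclass
class StorageRule:
    """Constructed model of one storage-device rule: user + operations + schedule."""
    user: str
    operations: frozenset  # subset of {"read", "modify"}
    weekdays: frozenset    # Monday = 0 ... Sunday = 6
    start: time
    end: time

    def permits(self, user, operation, when):
        return (user == self.user
                and operation in self.operations
                and when.weekday() in self.weekdays
                and self.start <= when.time() < self.end)


@dataclass
class Policy:
    bus_access: dict = field(default_factory=dict)     # bus -> ALLOW/BLOCK
    type_access: dict = field(default_factory=dict)    # device type -> ALLOW/BLOCK
    storage_rules: dict = field(default_factory=dict)  # storage type -> [StorageRule]

    def decide(self, dev_type, bus, user, operation, when):
        """Return (verdict, deciding layer) for one access attempt."""
        if dev_type in self.storage_rules:
            # Assumption: a storage type with rules is default-deny outside them.
            ok = any(r.permits(user, operation, when)
                     for r in self.storage_rules[dev_type])
            return (ALLOW if ok else BLOCK, "storage rule")
        if dev_type in self.type_access:
            # Device type has priority over the bus it is attached to.
            return (self.type_access[dev_type], "device type")
        # Assumption: with no type-level setting, the bus setting decides.
        # Buses are allowed by default.
        return (self.bus_access.get(bus, ALLOW), "bus")


# Constructed sample policy: USB bus prohibited, webcams allowed, and
# removable drives readable by "alice" on weekdays from 09:00 to 18:00.
SAMPLE = Policy(
    bus_access={"usb": BLOCK},
    type_access={"webcam": ALLOW},
    storage_rules={"removable_drive": [StorageRule(
        "alice", frozenset({"read"}), frozenset(range(5)), time(9), time(18))]},
)
MONDAY_10AM = datetime(2025, 3, 3, 10, 0)  # a Monday
```

With this sample policy a webcam on the prohibited USB bus still works, which is the case the Connection buses slide calls out, and it is worth testing explicitly after any policy change that blocks a bus.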

Removable drive access log
You can configure logging for file operations on removable drives. Select the file operation type, file types, and account.

Access to Wi-Fi
Three actions are available for Wi-Fi: Allow, Block, and Block with exceptions. A network is considered trusted if the combination of parameters matches.

Anti-Bridging
By default, Anti-Bridging is off. When enabled, a user can use only one network adapter at a time. Anti-Bridging can block simultaneous connections through network adapters, Wi-Fi, and modems. Anti-Bridging will apply only to those connection types that you turn On; the others will not be controlled.

Local notifications and user requests
The user can accept it, ask the administrator for permanent access, or request temporary access.

Where the administrator can find user requests
In the User requests selection; each event contains: the identifier and type of the blocked device, user name, computer name, the operation that was blocked on the device, and a timestamp.

Temporary access to blocked devices
The user creates a file with a request key and sends it to the administrator. The administrator generates an access code and sends it to the user. The user activates the key and can access the device.

Temporary access to blocked devices
A request contains: device ID, computer name, user name, and desired access period.

Temporary access to blocked devices
The administrator finds the necessary computer in the list of managed devices and, on the menu, selects Grant access in offline mode.

Temporary access to blocked devices
The administrator adds the request file received from the user, specifies the access duration and the time during which access can be activated, then generates a file with an access key and sends it to the user.

Temporary access to blocked devices

Trusted devices
A trusted device can be specified by: device ID, device model, mask of device ID, or mask of device model.

Trusted devices
The list shows devices connected to computers where Kaspersky Endpoint Security is installed (and the corresponding event was reported to the Administration Server). To make a device trusted, select the device and select users.

Export and import of the list of trusted devices
You can export the list of devices to an XML file. If necessary, you can add new devices manually (take care to preserve the file structure) and import the file into the policy again.

Device Control events
Device Control has several types of events:
Network connection blocked (Critical)
Operation with the device prohibited (Critical)
Device connection blocked (Warning)
Temporary access to the device activated (Warning; not sent to the Server)
Device access blockage message to administrator (Warning)
Device is disconnected (Info)
Device is connected (Info)
Operation with the device allowed (Info)
File operation performed (Info)

Device Control reports
The Details tab provides detailed information about each rule-triggering instance. Device Control has two reports: the Report on Device Control events and the Report on file operations on removable drives. Not all reports are available by default; you will need to add this template manually.