Overview
The article details the process to block specific device models in GFI EndPointSecurity.
Process
To block device models within GFI EndPointSecurity perform the following steps:
- Add the device model you wish to block in the GFI EndPointSecurity device database
- Create a new policy preventing that particular device.
Add the device model you wish to block in the GFI EndPointSecurity device database.
-
Attach the device model you want to Block to a computer. This computer must be accessible by the GFI EndPointSecurity server since it must be scanned using the Device Scan utility in GFI EndPointSecurity.
-
Log in to the GFI EndPointSecurity server with administrative credentials.
-
Open the GFI EndPointSecurity Management Console.
-
Click on the Tools tab and click on Device Scan.
-
Enter the IP address or computer name of the computer you have attached the device to (in Step 1) under Scan target.
-
Ensure you have entered the appropriate administrative credentials to Scan the remote machine under Scan Details > Credentials,
-
Click on the Scan Button.
-
Find the list of all the devices which are currently attached to the computer under the Device List. Right click on the device you wish to block using GFI EndPointSecurity and click on Add to devices database.
Create a new policy blocking that particular device
-
Within the GFI EndPointSecurity Management Console, click on the Configuration tab.
-
Expand the Protection Policy you want to change, and click on the Security Node under that protection policy.
-
Under the Common Tasks section, click on the Add permissions(s) link.
-
Select Specific Devices under Control Entities, then click on the Next button to continue.
-
Find the new device which you have just added to your Device Library. Mark the checkbox near the device you wish to block and click on Next to continue.
-
Click the Add button to add any users you want to to this policy. Uncheck the Access/Read and Write check boxes if you wish to block this device.
-
Click Finish to add the new policy to the protection policy.
Note: After implementing the above configuration changes successfully, you need to deploy the protection policy updates for the changes to start taking effect.