Device Management in PM16 (specifically: blocking USB Mass Storage)

Hi there,
I´m testing the blocking of USB Mass Storage Devices in Policy Manager 16. Blocking works successfully, but I cannot get exceptions to work. This is how it looks in PM:
As you see, I blocked USB Mass Storage Devices: OK. Next, I tried to enable 2 specific USB Flash Drives by their Hardware IDs. But this does not work. These Flashdrives keep being blocked. What am I doing wrong?
Best Answer
-
Hi @zwp-secure
Thank you for reaching out the WithSecure Community,
Ensure that the Hardware ID for the devices is correct, verify that the device is enabled in the Windows Device Manager, and then re-add the device ID to the filtering rules. In addition to the hardware ID, you can also utilize the compatible ID, device class GUID, or parent ID. For further details, please refer to the
.If you are encountering issues where Device Control is not blocking "write access" or "executable launching" on USB mass storage devices, it could be because external USB disk drives are being recognized by Windows as standard drives. In such scenarios, Device Control perceives them as regular drives rather than external ones. To address this problem, follow the steps outlined in the instructions provided here.
Best regards,
Sethu
Community Moderator | Technical Support Engineer
WithSecure™0
Answers
-
Thanks. I found the right ID. In the german version it´s called "Geräte ID".
1
Categories
- All Categories
- 4.8K WithSecure Community
- 3.6K Products
- 2 Get Support