The USB Protection and Control feature is now available starting from Agent version 1.6.0.6, which was released in September 2023. Please note that any older versions of the agent will not support this feature.
General Specifications
By default, the system allows any USB device to connect to any endpoint. Unless a specific rule is set by the end user, this behavior will remain unchanged.
Setting a New Rule
To create a new rule and control USB device access, follow these steps:
Go to the Policy Page.
Navigate to the Event Response Tab.
Scroll down to the "Agent Policy" Section.
Click on "Add."
Choose the desired rule level.
Select the Event "USB Control."
After selecting this option, the specific USB control behaviour can be configured.
Reminder - Rule Levels
The rule level determines which endpoints the rule will apply to:
Global: This means the rule will be applied organization-wide.
Group: This means the rule will be applied to specific predefined groups of endpoints.
Host(s): This means the rule will be applied to specific individual endpoints.
Block All
One of the available options within USB Control is "Block all." Selecting this rule means that the system will not allow any USB device to connect.
Allow From List
It is also possible to choose an "only what I allow" approach, meaning that all USB devices will be blocked except for those listed.
To specify the allowed devices, you need to create a list of Serial ID (unique identifiers for USB devices): Any ID on this list will be allowed.
For guidance on finding USB Serial IDs, please refer to the guide below.
Block From List
Blocking from the list uses the same approach but inverts it. The list serves as a set of exceptions, meaning that any USB device not listed will be allowed.
TIP: How to Check USB Serial Number (Serial ID)
Press Win + R: Begin by pressing the "Windows" key and the "R" key simultaneously. This will open the Run dialog box.
Type "cmd": In the Run dialog box, type "cmd" (short for Command Prompt) and then press "Enter" or click "OK." This will launch the Command Prompt.
Enter the Command: In the Command Prompt window that opens, copy and paste the following command:
wmic diskdrive get Model, Name, InterfaceType, SerialNumber
View USB Drive Information: After executing the command, the Command Prompt will display information about your USB drive.
Look for the relevant detail - SerialNumber to identify the USB drive.
By following these steps, you can easily retrieve important information about your USB drive, including its model, name, and serial number, using the Command Prompt.