SES Evolution monitors USB keys and other USB storage devices. Whenever a USB storage device is connected to an SES Evolution agent, it is detected and appears in the Devices panel in the administration console. In this panel, a trust level can be manually assigned to these devices. For further information, refer to the section Changing the trust level of a USB device.
Some actions can also be applied automatically to all USB devices connected to agents in a group.
- In an agent group’s Policies tab, go to the Trusted devices section.
- Enable the option Allow device identification and select Automatic if you want SES Evolution to automatically assign trust level 1 to every USB device connected to an agent in the group.
- Enable the option Trust empty devices to automatically assign trust level 2 to every empty USB device.
- Enable the option Automatically scan devices to automatically assign trust level 2 to every USB device connected to an agent in the group.
When this option is enabled, the antivirus module(s) installed on the workstation will scan the key when it is plugged in, and neutralize potentially malicious files. If the antivirus is able to scan all the files, the device will be considered trustworthy. However, if some files cannot be accessed, the device will not be granted trust level 2, but will keep its current level.
For more information, please refer to the section Managing USB storage devices.