Detecting and configuring the trust level on devices
SES Evolution monitors USB keys and other USB storage devices. Whenever a USB storage device is connected to an SES Evolution agent, it can be detected and displayed in the Security > Devices panel in the administration console depending on the options enabled. In this panel, a trust level can be manually assigned to these devices. For further information, refer to the section Changing the trust level of a USB device.
Some actions can also be applied automatically to all USB devices connected to agents in a group.
- In an agent group’s Policies tab, go to the Trusted devices section.
- Enable the Allow device identification option if you want SES Evolution to detect every USB device connected to an agent in the group to be detected and automatically assign it trust level 1.
- Enable the Trust empty devices option if you want SES Evolution to detect every USB device connected to an agent in the group and automatically assign trust level 2 to every empty USB device.
- Enable the option Automatically scan devices to automatically assign trust level 2 to every USB device connected to an agent in the group.
When this option is enabled, the antivirus module(s) installed on the workstation will scan the key when it is plugged in, and neutralize potentially malicious files. If the antivirus is able to scan all the files, the device will be considered trustworthy. However, if some files cannot be accessed, the device will not be granted trust level 2, but will keep its current level.
For more information, please refer to the section Managing USB storage devices.