Controlling access to general devices

This protection type allows you to control how floppy disk drives, CD/DVD drives and serial ports are used on physical or virtual user workstations. Floppy disk drives and serial ports are found mostly in industrial environments.

For every type of device, you have the option of allowing, blocking (in a protection rule set) or simply monitoring its use (in an audit rule set).

1. Select the Security > Policies menu and click on your policy.
2. Select a rule set.
   
3. Click on the Devices > General tab. Access to all devices is allowed by default and rules are disabled. Enable them by clicking on on the left if you want to block access (Protection mode) or monitor access (Audit mode). Ensure that your rule sets are in the right order if these rules are enabled in several rule sets, as they may overload and cancel the effect of the general device access configuration in the rule sets that follow.
4. For every device type, select the action to apply whenever the device is used or plugged in. If you select Block or Audit, logs will only be generated the first time this device is used.
5. In the banner at the top of the rule:
   • Select the log settings that this rule will send.
   • Specify whether an action must be performed when a log is sent for this rule.

Floppy disks or CD/DVDs inserted into external USB drives, and serial ports linked by a USB cable are considered both USB devices and floppy disk or CD/DVD drives, or internal serial ports. They can therefore be blocked either from the General tab or the USB tab.