Server: Peripheral Control
Peripheral control lets you control access to peripherals and removable media.
If you need to exempt individual peripherals from that control you should use a Server Peripheral Control Policy in Sophos Central Admin.
In Manage Peripherals, select how you want to control peripherals:
Monitor but do not block (all peripherals will be allowed): If you select this, access to all peripherals is allowed, regardless of any settings below. All peripherals used will be detected but you can't set access rules for them.
Control access by peripheral type and add exemptions: If you select this, you can go on to set access policies for peripheral types.
You can't add peripheral exemptions at the global level, so you will need to do this at the sub-estate level.
Set Access Policies
Set access policies in the table.
The table displays detected peripheral types, the number of each type detected, and the current access policy.
The totals include all peripherals detected, whether on endpoint computers or servers. This makes it easier to set consistent policies for all devices.
The MTP/PTP category includes devices such as phones, tablets, cameras and media players that connect using the MTP or PTP protocols.
For each peripheral type, you can change the access policy:
Allow: Peripherals are not restricted in any way.
Block: Peripherals are not allowed at all.
Read Only: Peripherals can be accessed only for reading.
The Bluetooth, Infrared, and Modem categories do not have the Read Only option.
The Wireless Network Adaptor category has a Block Bridged option. This prevents bridging of two networks.
You can add a message to the end of the standard notification. If you leave the message box empty only the standard message is shown.
Desktop Messaging is on by default.
If you switch off Desktop Messaging you will not see any notification messages related to peripheral control.
Click in the message box and enter the text you want to add.