Server: Peripheral Control
Peripheral control lets you control access to peripherals and removable media.
If you need to exempt individual peripherals from that control you should use a Server Peripheral Control Policy in Sophos Central Admin.
Manage Peripherals
In Manage Peripherals, select how you want to control peripherals:
- Monitor but do not block (all peripherals will be allowed): If you select this, access to all peripherals is allowed, regardless of any settings below. All peripherals used will be detected but you can't set access rules for them.
- Control access by peripheral type and add exemptions: If you select this, you can go on to set access policies for peripheral types.
Note
You can't add peripheral exemptions at the global level, so you will need to do this at the customer level.
Set Access Policies
Set access policies in the table.
The table displays detected peripheral types, the number of each type detected, and the current access policy.
Note
The totals include all peripherals detected, whether on endpoint computers or servers. This makes it easier to set consistent policies for all devices.
Note
The MTP/PTP category includes devices such as phones, tablets, cameras and media players that connect using the MTP or PTP protocols.
For each peripheral type, you can change the access policy:
- Allow: Peripherals are not restricted in any way.
- Block: Peripherals are not allowed at all.
- Read Only: Peripherals can be accessed only for reading.
Note
The Bluetooth, Infrared, and Modem categories do not have the Read Only option.
Note
The Wireless Network Adaptor category has a Block Bridged option. This prevents bridging of two networks.
Desktop Messaging
You can add a message to the end of the standard notification. If you leave the message box empty only the standard message is shown.
Desktop Messaging is on by default.
Note
If you switch off Desktop Messaging you will not see any notification messages related to peripheral control.
Click in the message box and enter the text you want to add.