On the Endpoint Protection > Device Control > Policies tab you can manage different sets of device control settings which can subsequently be applied to the computer groups monitored by endpoint protection. These sets are called device policies.
By default two device policies are available: Blocked All prohibits the usage of all types of devices, whereas Full Access permits all rights for all devices. These policies cannot be modified.
To add a new policy, proceed as follows:
Click the Add Policy button.
The Add Policy dialog box opens.
Make the following settings:
Name: Enter a descriptive name for this policy.
Storage devices: For different types of storage devices you can configure whether they should be Allowed or Blocked. Where applicable, a Read only entry is available, too.
Network devices: For modems and wireless networks you can configure whether they should be Allowed, Block bridged, or Blocked.
Short range devices: For Bluetooth and infrared devices you can configure whether they should be Allowed or Blocked.
Comment (optional): Add a description or other information.
The new policy appears on the device control policies list. It can now be applied to a computer group. Please note that settings changes may need up to 15 minutes until all computers are reconfigured.
To either edit or delete a policy, click the corresponding buttons.
|© 2019 Sophos Limited
|Sophos UTM 9.600