Views:

To exclude these devices:

 
The tool currently supports Windows platforms only, if you are a MacOS user, please prepare a Windows machine to use this tool.
 
  1. Prepare a Windows Machine.
  2. Download the listDeviceInfo tool.
  3. Extract the tool.
  4. Plug in the USB Devices or Mobile Devices to be excluded.
  5. Run listdeviceinfo.exe.
  6. An HTML and CSV file will be created in the folder where the tool is executed.

The default web browser should open showing the list of the devices with their corresponding details:

Device Report

 
The tool supports four types of devices. Display will depend on how the device is read in Device Manager:
  • USB Storage Devices
  • Mobile Devices
  • CD/DVD
  • Wireless Network Adapters
  1. Log in to Apex One.
  2. Go to Agents > Agent Management > Settings > Device Control Settings.
  3. Click Approved devices.

    Exclude USB Storage

     
    You need to install Apex One Data Loss Prevention (DLP) Plug-in to be able to have the Block option (when selected Approved Devices button appears).
     
  4. Input the corresponding entries in the new window.

    Exclude USB Storage

  5. Click the green + button to add multiple devices.
  6. Click Back.
  7. Click Apply to All Agents or Save.

For more information, refer to Managing Access to External Devices (Data Protection Activated).

Deploy Device Control Exceptions by Policy

 
Block (Data Protection) of USB Storage Device needs to be enabled to perform these changes. The setting can be disabled once exceptions have been configured.
  1. Log in to Apex Central or Apex One as a Service.
  2. Go to Policies > Policy Management.
  3. Select the associated policy.
  4. Go to Device Control and select the associated user account.
  5. Click Allowed USB Devices.

    Exclude USB Storage

  6. Input the corresponding entries.

    Exclude USB Storage

  7. Click the green + button to add multiple devices.
  8. Click OK on both Windows.
  9. Click Deploy.

Deploy Device Control Exceptions Globally

  1. Login to Apex Central or Apex One as a Service.
  2. Go to Policies > Policy Resources > Device Control Allowed Devices.
  3. Click Select Files.

    Select Files

  4. Import the generated CSV file after running the listDeviceInfo tool.
  1. Log in to Cloud One Workload Security.
  2. Go to Policies.
  3. Select the associated policy.
  4. Go to Device Control > Exceptions Tab.
  5. Click the Add button.
  6. Select Create a new device.
  7. Input the corresponding entries.

    Allowed USB Devices

  8. Click the Confirm button.

For further concerns, please contact Trend Micro Technical Support.