To exclude these devices:
The tool currently supports Windows platforms only, if you are a MacOS user, please prepare a Windows machine to use this tool.
- Prepare a Windows Machine.
- Download the listDeviceInfo tool.
- Extract the tool.
- Plug in the USB Devices or Mobile Devices to be excluded.
- Run listdeviceinfo.exe.
- An HTML and CSV file will be created in the folder where the tool is executed.
The default web browser should open showing the list of the devices with their corresponding details:
- Log in to Apex One.
- Go to Agents > Agent Management > Settings > Device Control Settings.
- Click Approved devices.
You need to install Apex One Data Loss Prevention (DLP) Plug-in to be able to have the Block option (when selected Approved Devices button appears).
- Input the corresponding entries in the new window.
- Click the green + button to add multiple devices.
- Click Back.
- Click Apply to All Agents or Save.
For more information, refer to Managing Access to External Devices (Data Protection Activated).
Deploy Device Control Exceptions by Policy
- Log in to Apex Central or Apex One as a Service.
- Go to Policies > Policy Management.
- Select the associated policy.
- Go to Device Control and select the associated user account.
- Click Allowed USB Devices.
- Input the corresponding entries.
- Click the green + button to add multiple devices.
- Click OK on both Windows.
- Click Deploy.
Deploy Device Control Exceptions Globally
- Login to Apex Central or Apex One as a Service.
- Go to Policies > Policy Resources > Device Control Allowed Devices.
- Click Select Files.
- Import the generated CSV file after running the listDeviceInfo tool.
- Log in to Cloud One Workload Security.
- Go to Policies.
- Select the associated policy.
- Go to Device Control > Exceptions Tab.
- Click the Add button.
- Select Create a new device.
- Input the corresponding entries.
- Click the Confirm button.
For further concerns, please contact Trend Micro Technical Support.