Device Control is a new feature of WFBS-SVC that allows users to regulate access to connected USB devices.
This article shows you how configure Device Control, specifically on external storage devices.
To use the Device Control:
- Log on to the WFBS-SVC console.
- Click Devices > Choose the group you want to configure.
- Choose Configure Policy.
- Under the Windows tab, choose Device Control.
- Tick Enable device control to start using the feature.
- Tick Block the autorun function on USB storage devices to block the autorun function in external devices and provide autorun protection.
- Under the Permission dropdown menu, choose the desired permission level.
Refer to the table for the definition of permission levels.
Permissions Files on the Device Incoming Files Full access Permitted operations: Copy, Move, Open, Save, Delete, Execute Permitted operations: Save, Move, Copy
This means that a file can be saved, moved, and copied to the devices.
Modify Permitted operations: Copy, Move, Open, Save, Delete
Permitted operations: Execute
Prohibited operations: Save, Move, Copy Read and execute Permitted operations: Copy, Open, Execute
Prohibited: Save, Move, Delete
Prohibited operations: Save, Move, Copy Read Permitted operations: Copy, Open
Prohibited operations: Save, Move, Delete, Execute
Prohibited operations: Save, Move, Copy List device content only Prohibited operations: All operations
The device and the files it contains are visible to the user (for example: Windows Explorer).
Prohibited operations: Save, Move, Copy
- Configure the exception list. This is only applicable if the device permission is not "Full Access".