Generating a list of trusted network and storage devices on Windows devices

Trusted devices are network and storage devices that can be fully accessed at any time. Trusted devices are exclusions from blocked device categories.

When a user connects a network or storage device from a blocked category to his or her device, Kaspersky Endpoint Security for Windows blocks access to this device and notifies the user. An event about the network or storage device blocking is written to the event log of Kaspersky Endpoint Security Cloud. The event contains the ID of the blocked device. By using the ID of the blocked device, you can add the device to the list of trusted devices.

The Device Control feature is available only if you activated Kaspersky Endpoint Security Cloud under a Kaspersky Endpoint Security Cloud Plus or Pro license.

To generate a list of trusted network and storage devices on Windows devices:

  1. Open Kaspersky Endpoint Security Cloud Management Console.
  2. Select the Security managementSecurity profiles section.

    The Security profiles section contains a list of security profiles configured in Kaspersky Endpoint Security Cloud.

  3. In the list, select the security profile for the devices on which you want to configure a list of trusted network and storage devices.
  4. Click the link with the profile name to open the security profile properties window.

    The security profile properties window displays settings available for all devices.

  5. In the Windows group, select the Management settings section.
  6. Set the toggle switch to Device Control is enabled.
  7. Click the Settings link below the Device Control is enabled toggle switch.

    The Device Control settings page opens.

  8. Click the Settings link below the Exclusions from Device Control section.

    The workspace displays a list of trusted network and storage devices.

  9. To add a network or storage device to the trusted list:
    1. Click Add.

      This opens the Exclusions from Device Control window.

    2. In the Device type drop-down list, select the type of network or storage device that you want to add to the trusted list.
    3. In the Device ID mask field, enter the device ID mask for the device that you want to add to the trusted list.

      To find a device ID, you can use the event about device blocking.

      When specifying a device ID mask, you can use the asterisk (*), which stands for any number of characters. For example, the mask *disk* selects all devices with the "disk" fragment in any part of their IDs.

    4. If necessary, in the Comment field, specify any information about the devices being added.
    5. Click OK.

      The added device will be displayed in the trusted list.

  10. To edit the settings of a network or storage device that was previously added to the trusted list:
    1. Select the check box next to the device whose settings you want to modify.
    2. Click the Edit button.

      This opens the Exclusions from Device Control window.

    3. Make the relevant changes.
    4. Click OK.
  11. If you want to delete a network or storage device that was previously added to the trusted list, select the check box next to the device, and then click the Delete button.
  12. Click the Save button.

After the security profile is applied on Windows devices, Kaspersky Endpoint Security Cloud will not control user access to network or storage devices added to the trusted list.

Page top