Creating rules using the Rule Generator for Device Control task

A local Rule Generator for Device Control task allows automatically adding Device Control rules for external devices connected to the protected computer to the settings of the local Device Control task and generating an XML file with the Device Control rules. After that, you can import the XML file in the Device Control settings, in the Kaspersky Security Center group policy or in the local Device Control task on any protected computer.

To secure the protected device, we recommend finalizing the list of Device Control rules before running the Device Control task in active mode. For this reason, we recommend collecting data on connections from controlled external devices in Device Control Statistics Only mode.

To create device control rules via the Rule Generator for Device Control task:

Enable Device Control Statistics Only mode.
Connect the controlled external devices you want to create Device Control rules for to the protected computer.
In the Application Console tree, expand the Automated rule generators node.
Select the Rule Generator for Device Control child node.
In the results pane of the Properties child node, click the Rule Generator for Device Control link.
The Task settings window appears.
On the General tab, under Task mode, select a task mode:
- Consider system data about all external devices that have ever been connected
- Consider currently connected external devices only
In the After task completes section, specify the actions that must be performed by Kaspersky Embedded Systems Security for Windows upon task completion:
- Add allowing rules to the list of Device Control rules.
  The check box enables or disables adding the newly generated allowing rules to the list of Device Control rules.
  
  If this check box is selected, Kaspersky Embedded Systems Security for Windows adds the rules generated by the Rule Generator for Device Control task to the list of Device Control rules based on the selected principle for adding rules.
  
  If this check box is cleared, Kaspersky Embedded Systems Security for Windows does not add the newly generated allowing rules to the list of Device Control rules.
  
  By default, the check box is cleared.
- Principle of adding.
  The drop-down list is available if the Add allowing rules to the list of Device Control rules check box is selected.
  
  This drop-down list is used to specify the method used to add the newly generated allowing rules to the list of Device Control rules.
  - Add to existing rules. The rules are added to the list of existing rules. Rules with identical settings are duplicated.
  - Replace existing rules. The rules replace the existing rules in the list.
  - Merge with existing rules. The rules are added to the list of existing rules. Rules with identical settings are not added; the rule is added if at least one rule parameter is unique.
  By default, the Merge with existing rules method is selected.
- Export allowing rules to file.
  The check box enables or disables export of Device Control allow rules to the XML file.
  
  If the check box is selected, Kaspersky Embedded Systems Security for Windows will export the allow rules to the XML file specified in the field below when the Rule Generator for Device Control task completes.
  
  If this check box is cleared, the application will not export the allow rules to the XML file when the Rule Generator for Device Control task completes.
  
  By default, the check box is cleared.
- Add protected device details to file name.
  The check box enables or disables adding of information about the protected device to the name of the XML file the Device Control rules are being saved to.
  
  If this check box is selected, the application adds the protected device name and the file creation date and time to the name of the XML file.
  
  If the check box is cleared, the application does not add information about the protected device to the name of the XML file.
  
  The check box is selected by default.
If you have enabled the Export allowing rules to file action, specify the path to the XML file the Device Control rules will be saved to.
1. Click the Select button.
2. An Open window opens.
3. Specify the path where you want to save the XML file containing the Device Control rules.
4. In the field with the same name, enter the name of the XML file.
5. Click the Open button.
  The full path to the XML file and the file name will be displayed in the Settings window.
Click the OK button in the Task settings window.
In the results pane of the Properties node, click Run link to start the task.

Once the task completes, automatically created device control rules will be saved in the Device Control settings and/or an XML file in the specified folder.

Page top