Adding Device Control rules

To add Device Control rules:

Go to the Device Control settings in the policy that you want to configure.
1. In the Kaspersky Security Center Administration Console tree, expand the Managed devices node.
2. Select the administration group for which you want to configure the task.
3. Select the Policies tab.
4. Double-click the policy name you want to configure.
5. In the Properties: <Policy name> window that opens, select the Local activity control section.
6. Under Device Control, click Settings.
  The Device Control window opens.
On the General tab, click Rules list.
The Device Control rules window opens.
Add Device Control rules in one of the following ways:
- Use data on currently connected devices
  1. In the Add button context menu, select Generate rules based on connected devices.
    The Generate rules based on the system information window opens.
  2. In the list of detected devices, select those you want to create Device Control rules for.
  3. Click Create rules for the selected devices.
- Use system data
  1. In the Add button context menu, select Generate rules based on system data.
    The Generate rules based on the system information window opens.
  2. In the list of detected devices, select those you want to create Device Control rules for.
  3. Click Create rules for the selected devices.
- Use the Kaspersky Security Center registry
  1. In the Add button context menu, select Generate rules based on connected devices.
    The Generate rules based on the system information window opens.
  2. Click Refresh list to display a list of available devices.
  3. In the list of detected devices, select those you want to create Device Control rules for. In the Search field, you can specify a friendly device name to filter the device list and simplify selection.
  4. Click Create rules for the selected devices.
- By importing an XML file containing Device Control rules.
  1. In the Add button context menu, select Import rules from XML file.
  2. Choose how to add Device Control rules from an XML file to those available in the policy:
    - Merge with existing rules, if you want to add the imported rules to the list of existing rules. Rules with identical settings are not duplicated. If at least one rule setting is unique, the rule is added.
    - Add to existing rules, if you want to add the imported rules to the list of existing rules. Rules with identical settings are duplicated.
    - Replace existing rules, if you want to replace the existing rules with the imported rules.
  3. In the Windows system window that opens, specify the path to the XML file that was created after the completion of local task or group task for Rule Generator for Device Control.
  4. Click the Open button.
- Import a Kaspersky Security Center blocked devices report.
  Before importing a blocked devices report from Kaspersky Security Center, make sure that it contains only data for those devices you want to allow to connect.
  1. In the Add button context menu, select Import data of blocked devices from Kaspersky Security Center report.
  2. Choose how to add Device Control rules from a report to those available in the policy:
    - Merge with existing rules, if you want to add the imported rules to the list of existing rules. Rules with identical settings are not duplicated. If at least one rule setting is unique, the rule is added.
    - Add to existing rules, if you want to add the imported rules to the list of existing rules. Rules with identical settings are duplicated.
    - Replace existing rules, if you want to replace the existing rules with the imported rules.
  3. In the Windows system window that opens, specify the path to the TXT file to which events from the Kaspersky Security Center report on blocked devices have been exported.
  4. Click the Open button.
The new Device Control rules will be displayed in the list in the Device Control rules window.
Click Save in the Device Control rules window.
Click OK in the Device Control window.
Click Apply in the Properties: <Policy name> window.

Page top