Control of printing

You can use Control of printing to configure user access to local and network printers.

Local printer control

Kaspersky Endpoint Security allows configuring access to local printers on two levels: connecting and printing.

Kaspersky Endpoint Security controls local printer connection over the following buses: USB, Serial Port (COM), Parallel Port (LPT).

Kaspersky Endpoint Security controls the connection of local printers to COM and LPT ports only on the level of the bus. Thus, to prevent printer connections via COM and LPT ports, you need to select the Depends on connection bus access mode for local printers and prohibit connections to COM and LPT buses.

For printers connected to USB, the application exercises control on two levels: device type (local printers) and connection bus (USB).

You can select one of the following access modes to local printers via USB:

Network printer control

Kaspersky Endpoint Security allows configuring access to printing on network printers. You can select one of the following access modes to network printers:

Adding printing rules for printers

How to add printing rules in the Administration Console (MMC)

How to add printing rules in Web Console and Cloud Console

How to add printing rules in the application interface

Trusted printers

Trusted devices are devices to which users that are specified in the trusted device settings have full access at all times.

The procedure for adding trusted printers is exactly the same as for other types of trusted devices. You can add local printers by ID or device model. You can only add network printers by device ID.

To add a trusted local printer by ID, you will need a unique ID (Hardware ID – HWID). You can find the ID in device properties by using operating system tools (see figure below). The Device Manager tool lets you do this. The ID of a local printer may look like this: 6&2D09F5AF&1&C000. Adding devices by ID is convenient if you want to add several specific devices. You can also use masks.

To add a trusted local printer by device model, you will need its Vendor ID (VID) and Product ID (PID). You can find the IDs in device properties by using operating system tools (see figure below). Template for entering the VID and PID: VID_04A9&PID_27FD. Adding devices by model is convenient if you use devices of a certain model in your organization. This way, you can add all devices of this model.

Printer properties window in Device Manager.

Device ID in Device Manager

To add a trusted network printer, you will need its device ID. For network printers, the device ID can be the network name of the printer (name of the shared printer), the IP address of the printer, or the URL of the printer.

Page top