Configuring Device Control task settings

To configure the Device Control task settings:

Open the Task settings window.
On the General tab, configure the following task settings:
- In the Task mode section, select one of the task modes:
  - Active.
    Kaspersky Embedded Systems Security applies rules to control the connection of removable drives and other external devices, and allows or blocks the use of all devices according to the Default Deny principle and specified allowing rules. The use of trusted external devices is allowed. The use of untrusted external devices is blocked by default.
  If an external device you consider to be untrusted is connected to a protected device before the Device Control task is run in the Active mode, the device is not blocked by the application. We recommend that you disconnect the untrusted device manually or restart the protected device. Otherwise, the Default Deny principle will not be applied to the device.
  - Statistics only.
    Kaspersky Embedded Systems Security does not control the connection of removable drives and other external devices, but only logs information about the connection and registration of external devices on a protected device, and about the Device Control allowing rules triggered by the connected devices. The use of all external devices is allowed. This mode is set by default.
- Select or clear the Allow using all external devices when the Device Control task is not running check box.
  The check box allows or blocks the use of external devices when the Device Control task is not running.
  
  If the check box is selected and Device Control task is not running, Kaspersky Embedded Systems Security allows using any external devices on a protected device.
  
  If the check box is cleared, the application blocks the use of untrusted external devices on a protected device in the following cases: the Device Control task is not running or the Kaspersky Security Service is turned off. This option is recommended to maximize the level of protection against computer security threats arising when exchanging files with external devices.
  
  The check box is cleared by default.
If necessary, on the Schedule and Advanced tabs, configure the scheduled task start settings.
To edit the list of device control rules, click the Device Control rules link in the lower part of the results pane of the Device Control node.

Kaspersky Embedded Systems Security immediately applies the new settings to the running task. Information about the date and time when the settings were modified, and the values of task settings before and after modification, are saved in the system audit log.

Page top