Kaspersky Embedded Systems Security 3.x

Creating rules using the Rule Generator for Device Control task

October 25, 2023

ID 146683

To specify allowing device control rules for a group of protected devices using the Rule Generator for Device Control task:

  1. Open the Settings window in the New Task Wizard.
  2. Configure the following settings:
    • In the Mode block:
      • Consider system data about all external devices that have ever been connected
      • Consider currently connected external devices only
    • In the After task completes block:
      • Add allowing rules to the list of Device Control rules.
      • Principle of adding.
      • Export allowing rules to file.
      • Add protected device details to file name.
  3. Click the Next button.
  4. In the Schedule window, specify the task start schedule settings.
  5. Click the Next button.
  6. In the Selecting an account to run the task window, specify the account you want to use.
  7. Click the Next button.
  8. Specify a task name.
  9. Click the Next button.

    The task name should be no longer than 100 characters and cannot contain the following symbols: " * < > & \ : |

    The Finish creating the task window opens.

  10. You can optionally run the task after the Wizard finishes by selecting the Run task after Wizard finishes check box.
  11. Click the Finish button to finish creating the task.
  12. On the Tasks tab on the workspace of the group of protected devices being configured, in the list of group tasks select the Rule Generator for Device Control you have created.
  13. Click the Start button to start the task.

    When the task is completed, automatically generated lists of allowing rules are saved in a shared folder in XML files.

    Before using the Device Control policy in the network, make certain that all protected devices have access to a shared network folder. If the organization's policy does not provide for the use of a shared network folder in the network, it is recommended to start the Rule Generator for Device Control task for protected device control rules on the test protected device group or on a template machine.

Did you find this article helpful?
What can we do better?
Thank you for your feedback! You're helping us improve.
Thank you for your feedback! You're helping us improve.