Filling rules list basing on Device Control task events
October 25, 2023
To create a configuration file that contains device control rules list basing on the Device Control task events:
- Start the Device Control task in Statistics only mode to log all connections of flash drives and other external devices to a protected device.
- Upon the completion of the task in the Statistics only mode, open the task log by clicking the Open task log button in the Management section of the Device Control node results pane.
- In the Logs window click the Generate rules based on events.
Kaspersky Embedded Systems Security for Windows will create an XML configuration file that contains a rules list generated basing on events of the Device Control task in the Statistics only mode. You can apply this list in the Device Control task.
Before applying a rules list generated basing on the task events, it is recommended to review and then manually process the rules list to make certain that there are no untrusted devices allowed by the specified rules.
During the conversion of an XML file with task events to a list of device control rules list, the application generates allowing rules for all registered events, including the devices restrictions.
All the task events are registered in the task log regardless of the task mode. You can create a configuration file with a rules list basing on the events of the task in the Active mode. This scenario is not recommended except urgent cases, as far as the task efficiency requires to generate a final rule list version before the task is run in the active mode.