Adding a device to the Trusted list from Kaspersky Security Center

Kaspersky Security Center receives information about devices if Kaspersky Endpoint Security is installed on the computers and Device Control is enabled. It is not possible to add a device to the trusted list unless information about that device is available in Kaspersky Security Center.

You can add a device to the trusted list according to the following data:

To add devices to the list of trusted devices:

  1. Open the Kaspersky Security Center Administration Console.
  2. In the Managed devices folder in the Administration Console tree, open the folder with the name of the administration group to which the relevant client computers belong.
  3. In the workspace, select the Policies tab.
  4. Select the necessary policy and double-click to open the policy properties.
  5. In the policy window, select Security ControlsDevice Control.
  6. In the right part of the window, select the Trusted devices tab.
  7. Select the Merge values when inheriting check box if you want to create a consolidated list of trusted devices for all computers in the company.

    The lists of trusted devices in the parent and child policies will be merged. The lists will be merged provided that merging values when inheriting is enabled. Trusted devices from the parent policy are displayed in child policies in a read-only view. Changing or deleting trusted devices of the parent policy is not possible.

  8. Click the Add button and select a method for adding a device to the trusted list.
  9. To filter devices, select a device type from the Device type drop-down list (for example, Removable Drives).
  10. In the Name / Model field, enter the device ID, model (VID and PID) or mask, depending on the selected addition method.

    Adding devices by model mask (VID and PID) works as follows: if you enter a model mask that does not match any model, Kaspersky Endpoint Security checks if the device ID (HWID) matches the mask. Kaspersky Endpoint Security checks only the part of the device ID that determines the manufacturer and the type of the device (SCSI\CDROM&VEN_NECVMWAR&PROD_VMWARE_SATA_CD00\5&354AE4D7&0&000000). If the model mask matches this part of the device ID, the devices that match the mask will be added to the list of trusted devices on the computer. At the same time, the list of devices in Kaspersky Security Center remains empty when you click the Refresh button. To display the list of devices correctly, you can add devices by device ID mask.

  11. To filter devices, in the Computer field, enter the computer name or a mask for the name of the computer to which the device is connected.

    The * character replaces any set of characters. The ? character replaces any single character.

  12. Click the Refresh button.

    The table displays a list of devices that satisfy the defined filtering criteria.

  13. Select the check boxes next to the names of devices that you want to add to the trusted list.
  14. In the Comment field, enter a description of the reason for adding devices to the trusted list.
  15. Click the Select button to the right of the Allow to users and / or groups of users field.
  16. Select a user or a group in Active Directory and confirm your selection.

    By default, access to trusted devices is allowed for the Everyone group.

  17. Save your changes.

When a device is connected, Kaspersky Endpoint Security checks the list of trusted devices for an authorized user. If the device is trusted, Kaspersky Endpoint Security allows access to the device with all permissions, even if access to the device type or connection bus is denied. If the device is untrusted and access is denied, you can request access to the locked device.

Page top