Device Control task (Device_Control, ID:15)
Oct 22, 2023
When the Device Control task is running, Kaspersky Endpoint Security manages user access to the devices that are installed on or connected to the client device (for example, hard drives, cameras, or Wi-Fi modules). This lets you protect the client device from infection when external devices are connected, and prevent data loss or leaks.
By default, the Device Control task starts automatically when the application starts. You can stop the task at any moment if necessary.
The Device Control task manages user access to devices using the access rules. You can select the action to be performed by the Device Control task: apply rules or test rules.
Device Control task manages user access at the following levels:
- Device type. For example, printers, removable drives, or CD/DVD drives.
- Connection bus. Connection bus is an interface used to connect devices to the client device (USB or FireWire).
- Trusted devices. Trusted devices are devices to which users have full access.
When a device, access to which is denied by the Device Control task, connects to a client device, the application denies the users specified in the rule access to this device and displays a notification. During attempts to read and write on this device, the application silently blocks the users specified in the rule from reading/writing.
If the Device Control task stops running, the application unblocks access to blocked devices.
In the general application settings, if the
InterceptorProtectionMode setting is set to
Notify, it is not possible to block access to devices using a device access schedule (the
Kaspersky Endpoint Security ignores the excluded mount points for the Device Control task. The access rules apply to devices mounted in a globally excluded mount point.