[KB7837] Add and modify Device control rules and create a Device control report in ESET PROTECT (8.x – 10.x)

Issue

Solution

  1. Add a Device control rule on client workstations using a policy in ESET PROTECT
  2. Edit or remove an existing Device control rule on client workstations in ESET PROTECT
  3. Create a Device control report template
  4. Add a new Device control Dashboard report

I. Add a Device control rule on client workstations using a policy in ESET PROTECT

Endpoint users: Perform these steps on individual client workstations 

In this example, we block access to all Bluetooth devices for all users.

  1. Open the ESET PROTECT Web Console in your web browser and log in.

  2. Click Policies New Policy.

Figure 1-1
  1. In the Basic section, type the name of the new policy under Name. The Description section is optional.
Figure 1-2
  1. Click Settings and select ESET Endpoint for Windows from the drop-down menu.
  1. Select Device Control and click the slider bar next to Enable Device control. Restart the client device for this change to take effect.
  1. Click Edit next to Rules.
Figure 1-3
  1. Click Add.
Figure 1-4
  1. Next to Name, type a name for the new rule. Next to Device type, select Bluetooth Device from the drop-down menu. Next to Action, select Block from the drop-down menu. To make the rule more specific, type in the VendorModel, and Serial of devices you want to target. Next to Logging severity, select Warning from the drop-down menu and click OK.
Figure 1-5
  1. The new rule will be displayed in the Rules list. Click Save.
Figure 1-6
  1. Click Assign → Assign.
Figure 1-7
  1. Select the check box next to each computer or group you want to assign the rule to and click OK.
Figure 1-8
  1. Click Finish to apply the policy on the selected computers.

II. Edit or remove an existing Device control rule on client workstations in ESET PROTECT

  1. Click Policies → expand Custom PoliciesESET Endpoint for Windows → click the policy you want to edit → Edit.
Figure 2-1
  1. Click Settings, select Device control and click Edit next to Rules.
Figure 2-2
  • To edit or remove a rule:

    • Edit a rule – Select the rule and click Edit. After the edits are made, click OK. Click Save to confirm the changes.
    • Remove a rule – Select the rule and click Remove. Click Save to confirm the changes.
Figure 2-3
  1. Click Finish to save the changes in the policy.

III. Create a Device control report template

  1. Click Reports New Report Template.
Figure 3-1
  1. In the Name field, type a name for your report. Select a Category for your report. The Description field is optional.
Figure 3-2
  1. Click Chart and select the check box under Display Table.
Figure 3-3
  1. Click Data Add Column.
Figure 3-4
  1. Expand the Computer category, select Computer name and click OK.
Figure 3-5
  1. Repeat Steps 4 and 5 until all items listed in the table below are added to the Table Columns section and then click Finish. You can select also other items based on your preferences.
Category Item
Computer Computer name
Device control Device
Device control Action performed
Device control Time of occurrence
Device control User
Figure 3-6

IV. Add a new Device control Dashboard report

  1. Click Dashboard. Click the plus icon to add a new dashboard.
Figure 4-1
  1. Type a name for your new dashboard and click Add Dashboard.
Figure 4-2
  1. Click the plus icon.
Figure 4-3
  1. Navigate to the report you created in Section III (Device Control Logs, in this example), select it and then click OK.
Figure 4-4
Your dashboard is now available. When a Bluetooth device is blocked by Device control, each blocked device is listed in the new dashboard report.