[KB7837] Add and modify Device control rules and create a Device control report in ESET PROTECT (9.x–10.x)
Issue
- You want to manage Device control rules on client computers in ESET PROTECT
- You want to create a Device control report
- Using Device control in ESET endpoint products
Solution
- Add a Device control rule on client workstations using a policy in ESET PROTECT
- Edit or remove an existing Device control rule on client workstations in ESET PROTECT
- Create a Device control report template
- Add a new Device control Dashboard report
I. Add a Device control rule on client workstations using a policy in ESET PROTECT
Endpoint users: Perform these steps on individual client workstations
In this example, we block access to all Bluetooth devices for all users.
-
Open the ESET PROTECT Web Console in your web browser and log in.
-
Click Policies → New Policy.
Figure 1-1
-
In the Basic section, type the name of the new policy under Name. The Description section is optional.
-
Click Settings and select ESET Endpoint for Windows from the drop-down menu.
-
Select Device Control and click the toggle next to Enable Device control to enable it. Restart the client device for this change to take effect.
-
Repeat steps 1 and 2 and click Edit next to Rules.
Figure 1-3
-
Click Add.
Figure 1-4
-
Next to Name, type a name for the new rule. Next to Device type, select Bluetooth Device from the drop-down menu. Next to Action, select Block from the drop-down menu. To make the rule more specific, type in the Vendor, Model, and Serial of devices you want to target. Next to Logging severity, select Warning from the drop-down menu and click OK.
Figure 1-5
-
The new rule will be displayed in the Rules list. Click Save.
Figure 1-6 -
Click Assign → Assign.
Figure 1-7 -
Select the check box next to each computer or group you want to assign the rule to and click OK.
Figure 1-8
-
Click Finish to apply the policy on the selected computers.
II. Edit or remove an existing Device control rule on client workstations in ESET PROTECT
-
Click Policies, expand Custom Policies, click ESET Endpoint for Windows. Click the policy you want to edit and click Edit.
Figure 2-1 - Click Settings, select Device control and click Edit next to Rules.
Figure 2-2 - To edit or remove a rule:
-
- Edit a rule–Select the rule and click Edit. After the edits are made, click OK. Click Save to confirm the changes.
- Remove a rule–Select the rule and click Remove. Click Save to confirm the changes.
Figure 2-3
-
Click Finish to save the changes in the policy.
III. Create a Device control report template
-
Click Reports → New Report Template.
Figure 3-1
-
In the Name field, type a name for your report. Select a Category for your report. The Description field is optional.
Figure 3-2
-
Click Chart and select the check box under Display Table.
Figure 3-3
-
Click Data → Add Column.
Figure 3-4
-
Expand the Computer category, select Computer name and click OK.
Figure 3-5
-
Repeat Steps 4 and 5 until all items listed in the table below are added to the Table Columns section and click Finish. You can select other items based on your preferences.
Category Item Computer Computer name Device control Device Device control Action performed Device control Time of occurrence Device control User 
Figure 3-6
IV. Add a new Device control Dashboard report
-
Click Dashboard. Click the plus icon to add a new dashboard.
Figure 4-1
-
Type a name for your new dashboard and click Add Dashboard.
Figure 4-2
-
Click the plus icon.
Figure 4-3
-
Navigate to the report you created in Section III (Device Control Logs, in this example), select it and click OK.
Figure 4-4
Your dashboard is now available. When a Bluetooth device is blocked by Device control, each blocked device is listed in the new dashboard report.
