Issue
- You want to manage Device control rules on client computers in ESET PROTECT On-Prem
- You want to create a Device control report
- Using Device control in ESET endpoint products
Solution
- Add a Device control rule on client workstations using a policy in ESET PROTECT On-Prem
- Edit or remove an existing Device control rule on client workstations in ESET PROTECT On-Prem
- Create a Device control report template
- Add a new Device control Dashboard report
I. Add a Device control rule on client workstations using a policy in ESET PROTECT On-Prem
Endpoint users: Perform these steps on individual client workstations
In this example, we block access to all Bluetooth devices for all users.
Click Policies → New Policy.
Figure 1-1
In the Basic section, type the name of the new policy under Name. The Description section is optional.
Figure 1-2 Click Settings and select ESET Endpoint for Windows from the drop-down menu. Select Protections → Device Control.
Figure 1-3 Click the toggle next to Enable Device control to enable it and click Finish. Restart the client device for this change to take effect.
Figure 1-4 Repeat steps 1 and 2 and click Edit next to Rules.
Figure 1-5
Click Add.
Figure 1-6 Next to Name, type a name for the new rule. Next to Device type, select Bluetooth Device from the drop-down menu. Next to Action, select Block from the drop-down menu. To make the rule more specific, type in the Vendor, Model and Serial of devices you want to target. Next to Logging severity, select Warning from the drop-down menu and click OK.
Figure 1-7
The new rule will be displayed in the Rules list. Click Save.
Figure 1-8 Click Assign → Assign.
Figure 1-9 Select the check box next to each computer or group you want to assign the rule to and click OK.
Figure 1-10 Click Finish to apply the policy on the selected computers.
II. Edit or remove an existing Device control rule on client workstations in ESET PROTECT On-Prem
Click Policies, expand Custom Policies and click ESET Endpoint for Windows. Right-click the policy you want to edit and select Edit.
Figure 2-1 Click Settings, select Protections → Device Control and click Edit next to Rules.
Figure 2-2
- To edit or remove a rule:
- Edit a rule—Select the rule and click Edit. After the edits are made, click OK. Click Save to confirm the changes. Click Finish to save the changes in the policy.
Remove a rule—Select the rule and click Remove. Click Save to confirm the changes. Click Finish to save the changes in the policy.
Figure 2-3
III. Create a Device control report template
Click Reports → New Report Template.
Figure 3-1 In the Name field, type a name for your report. Select a Category for your report. The Description field is optional.
Figure 3-2 Click Chart and select the check box under Display Table.
Figure 3-3 -
Figure 3-4 Expand the Computer category, select Computer name and click OK.
Figure 3-5 Repeat Steps 4 and 5 until all items listed in the table below are added to the Table Columns section and click Finish. You can select other items based on your preferences.
Category Item Computer Computer name Device control Device Device control Action performed Device control Time of occurrence Device control 
Figure 3-6
IV. Add a new Device control Dashboard report
Click Dashboard and click the plus icon to add a new dashboard.
Figure 4-1 Type a name for your new dashboard and click Add Dashboard.
Figure 4-2 Click the plus icon.
Figure 4-3 Navigate to the report you created in Section III (Device Control, in this example), select it and click OK.
Figure 4-4
