[KB7837] Add and modify Device control rules and create a Device control report in ESET PROTECT On-Prem

Issue

Solution

  1. Add a Device control rule on client workstations using a policy in ESET PROTECT On-Prem
  2. Edit or remove an existing Device control rule on client workstations in ESET PROTECT On-Prem
  3. Create a Device control report template
  4. Add a new Device control Dashboard report

I. Add a Device control rule on client workstations using a policy in ESET PROTECT On-Prem

Endpoint users: Perform these steps on individual client workstations 

In this example, we block access to all Bluetooth devices for all users.

  1. Open ESET PROTECT On-Prem in your web browser and log in.

  2. Click Policies New Policy.

    Figure 1-1
  1. In the Basic section, type the name of the new policy under Name. The Description section is optional.

  1. Click Settings and select ESET Endpoint for Windows from the drop-down menu.

  1. Select Device Control and click the toggle next to Enable Device control to enable it. Restart the client device for this change to take effect.

  1. Repeat steps 1 and 2 and click Edit next to Rules.

    Figure 1-3
  1. Click Add.

    Figure 1-4
  1. Next to Name, type a name for the new rule. Next to Device type, select Bluetooth Device from the drop-down menu. Next to Action, select Block from the drop-down menu. To make the rule more specific, type in the VendorModel, and Serial of devices you want to target. Next to Logging severity, select Warning from the drop-down menu and click OK.

    Wildcards

    For Vendor, Model, and Serial fields, the wildcards * and ? may be used in ESET Endpoint Security and ESET Endpoint Antivirus version 10 and later.

    An asterisk (*) represents a string of zero or more characters. 
    A question mark (?) represents a single character.

    Figure 1-5
  1. The new rule will be displayed in the Rules list. Click Save.

    Figure 1-6
  2. Click Assign → Assign.

    Figure 1-7
  3. Select the check box next to each computer or group you want to assign the rule to and click OK.

    Figure 1-8
  1. Click Finish to apply the policy on the selected computers.


II. Edit or remove an existing Device control rule on client workstations in ESET PROTECT On-Prem

  1. Click Policies, expand Custom Policies, click ESET Endpoint for Windows. Click the policy you want to edit and click Edit.

    Figure 2-1
  2. Click Settings, select Device control and click Edit next to Rules.
    Figure 2-2
  3. To edit or remove a rule:
    • Edit a rule–Select the rule and click Edit. After the edits are made, click OK. Click Save to confirm the changes.
    • Remove a rule–Select the rule and click Remove. Click Save to confirm the changes.
      Figure 2-3
  1. Click Finish to save the changes in the policy.


III. Create a Device control report template

  1. Click Reports New Report Template.

    Figure 3-1
  1. In the Name field, type a name for your report. Select a Category for your report. The Description field is optional.

    Figure 3-2
  1. Click Chart and select the check box under Display Table.

    Figure 3-3

  1. Click Data Add Column.

    Figure 3-4
  1. Expand the Computer category, select Computer name and click OK.

    Figure 3-5
  1. Repeat Steps 4 and 5 until all items listed in the table below are added to the Table Columns section and click Finish. You can select other items based on your preferences.

    Category Item
    Computer Computer name
    Device control Device
    Device control Action performed
    Device control Time of occurrence
    Device control User
    Figure 3-6
 

IV. Add a new Device control Dashboard report

  1. Click Dashboard. Click the plus icon to add a new dashboard.

    Figure 4-1
  1. Type a name for your new dashboard and click Add Dashboard.

    Figure 4-2
  1. Click the plus icon.

    Figure 4-3
  1. Navigate to the report you created in Section III (Device Control Logs, in this example), select it and click OK.

    Figure 4-4

Your dashboard is now available. When a Bluetooth device is blocked by Device control, each blocked device is listed in the new dashboard report.