[KB8856] Device control in ESET Endpoint Security for macOS

• Review device control rules from previous ESET macOS products
• Block removable media (for example, USB flash drives, CD-ROMs) from accessing your computer
• Set device control rules from ESET PROTECT

Review device control rules from previous ESET macOS products

• When migrating from older ESET Endpoint Security, default rules are automatically created to mimic previous media control settings.
• Rules are prioritized top-down. The first matching rule is applied.
• Device Control rules are evaluated based on a user OR group match. This behavior differs from earlier versions (v6.x), which required both user and group to match (AND logic).
• Users and groups are validated by the user SID (not by user UID or username).
• The system mounts external disks under the root user. Therefore, if at least one rule enable access for any user or group, the mount operation will be permitted.

Block removable media (for example, USB flash drives, CD-ROMs) from accessing your computer

1. Open ESET Cyber Security.

2. Click Protections → Computer.

3. Click the toggle next to Device control and click the ℹ icon.

4. In the Device control window, select Rules.

5. In the Rules window, click the + icon in the upper-right corner.

6. Choose a Name for the rule, select Action to take for the rule, Device type, and Users or User Groups for which the rule will be applied. Click OK to save and apply the rule.