Configuring Authorization Settings

You can configure a Media Encryption & Port ProtectionClosed A component on Endpoint Security Windows clients. This component protects data stored on the computers by encrypting removable media devices and allowing tight control over computers' ports (USB, Bluetooth, and so on). Acronym. MEPP. ruleClosed Set of traffic parameters and other conditions in a Rule Base (Security Policy) that cause specified actions to be taken for a communication session. to require scans for malware and unauthorized file types when a storage device is attached. You also can require a user or an administrator to authorize the device. This protection makes sure that all storage devices are malware-free and approved for use on endpoints.

On Windows E80.64 and higher clients, CDs and DVDs (optical media) can also be scanned.

After a media device is authorized:

  • If you make changes to the contents of the device in a trusted environment with Media Encryption & Port Protection, the device is not scanned again each time it is inserted.

  • If you make changes to the contents of the device in an environment without Media Encryption & Port Protection installed, the device is scanned each time it is inserted into a computer with Media Encryption & Port Protection.

You can select one of these predefined options for a Media Encryption & Port Protection rule:

Require storage devices to be scanned and authorized -

  • Scan storage devices and authorize them for access - Select to scan the device when inserted. Clear to skip the scan.

    • Enable self-authorization - If this option is selected, users can scan the storage device manually or automatically. If this setting is cleared, users can only insert an authorized device.

      • Manual media authorization - The user or administrator must manually authorize the device.

        Allow user to delete unauthorized files - The user can delete unauthorized files detected by the scan. This lets the user or administrator authorize the device after the unauthorized files are deleted.

      • Automatic media authorization -The device is authorized automatically.

        Allow user to delete unauthorized files - The user can delete unauthorized files detected by the scan. This lets the user or administrator authorize the device after the unauthorized files are deleted.

  • Exclude optical media from scan - Exclude CDs and DVDs from the scan.