Port Protection

Port Protection protects the physical port when using peripheral devices.

Peripheral devices are for example, keyboards, screens, blue tooth, Printers, Smart Card, network adapters, mice and so on.

To create a new Port Protection rule:

  1. In the Data Protection policy, go to the right pane, Capabilities & Exclusions > Port Protection.

  2. From the Port Protection Policy list:

    • To allow all the devices, select Allow all.

    • To allow only essential devices, select Allow essential.

      • The essential ports for Windows are:

        • Smart Card Readers

        • Keyboard

        • Network Adaptors

        • Modems

        • Mouse

      • The essential ports for macOS are:

        Note - The device names of macOS ports are prefixed with "MAC_".

        • USB Network

        • USB Video

        • USB HID

        • USB Health

        • USB Audio

        • USB Wireless controller

        • USB SmartCard (Supported only with the Endpoint Security Client version E86.20 and higher.)

        • Bluetooth Audio

        • Bluetooth Computer

        • Bluetooth Health

        • Bluetooth HID

        • Bluetooth Imaging

        • Bluetooth Phone

        • Bluetooth Toy

        • Bluetooth Wearable

        • Printers

    • To customize device settings, click Custom and then click Edit.

  3. Click New.

    The New Port Protection Rule window opens.

  4. Select a device from the list or click New to create a new device (see Managing Devices for details on how to create a new device).

  5. Select the Access Type from the list:

    • Accept - Allow connecting the peripheral device.

    • Block - Do not allow connecting the peripheral device.

  6. In the Log Type field, select the log settings:

    • Log - Create log entries when a peripheral device is connected to an endpoint computer (Action IDs 11 and 20).

    • None - Do not create log entries.

  7. Click Create.

To import exclusions:

You can import an exported exclusion file in the JSON format.

  1. In the Port Protection tab, select the Port Protection Policy.

  2. Click Edit.

  3. Click Import and select the JSON file.

To export exclusions:

  1. In the Port Protection tab, select the Port Protection Policy.

  2. Click Edit.

  3. Select the device that you want to export from the list.

  4. Click Export.

Device Category Descriptions for Windows

The following table describes each device category available in the Port Protection policy.

Category

Type of Devices

Printers_USB

Printers

Windows_CE_Devices_USB

Legacy Windows CE Device

Bluetooth 2

Legacy Bluetooth device

Bluetooth Radio

Bluetooth devices

PCMCIA_Memory

Memory devices such as flash memory cards.

Bluetooth

Legacy Bluetooth device

USB_Controllers

USB host controllers and USB hubs

Keyboard

Keyboards

Floppy_disks

Floppy disk

Network_Adaptors

Network adapters

Infrared Devices

Infrared devices

Tape Drives

Tape drives including all tape miniclass drivers.

Camera device

Web cameras

Palm_OS_Devices_USB

Legacy Palm devices

Modems

Modem devices

Still_image_devices

Scanner devices

Mouse device

Mouse

Bluetooth Devices

Legacy Bluetooth

Smart_Card_Readers

Smart Card readers

Firewire IEEE_1394

1394 host controllers connected on a PCI bus, but not 1394 peripherals.

Ports COM_LPT

Serial and parallel port devices.

IEEE_1284.4_printers

Dot4 printer device

Bluetooth_USB

Legacy Bluetooth

SAMSUNG_Android_Debug_Bridge

Devices on Android debug Bridge