Adding USB Monitoring Rules

To create a new USB monitoring rule, do the following:

1. Log in to the Management Tool as a user with the administrative Client Installation and Management permission.

2. Click the Kernel-Level USB Monitoring navigation link on the left.

3. On the Kernel-Level USB Monitoring page, click the Add Rule button in the top right of the page.

4. On the Add USB Rule page that opens, on the USB Rule Properties tab, define the following parameters, and then click Next in the bottom left of the page:

• Select the Enable USB rule checkbox to enable the rule.

• Enter a unique name for the rule.

• Optionally, enter a description for the rule.

• Select the required risk level.


5. On the Rule Conditions tab, define the following parameters, and then click Next:

• Add the classes of devices to be monitored in the Monitored devices list by selecting the checkboxes next to them.

• Define exceptions for devices to be skipped while monitoring or blocking.

6. On the Additional Actions tab, define what happens when a device from the list of Monitored devices is used on a target computer by selecting the following checkboxes:

• Send email notification to: Allows you to receive an alert notification by email on device detection.

NOTE: To receive email notifications correctly, make sure that the Email Sending Settings contain the correct parameters for sending emails.

• Show warnings in Tray Notifications application: Allows you to receive an alert notification in the Tray Notification application on device detection.

• Block access to USB device until administrator approval: Allows you to prevent the use of the USB devices until the specified Approver grants access to it. Users specified as Approvers can approve the USB device access request in one of the following ways: by email (if an email address is defined for the specified users) or on the Access Requests page of the Management Tool.

NOTE: By default, if a request is not processed within 30 minutes after it has been submitted, it will automatically expire. You can change these settings on the System Settings tab on the Configuration page.

Optionally, you can also enter a custom message to be displayed to the user when a device is connected to the Client computer.

NOTE: For internal users to receive the email request correctly, make sure that on the User Details tab of the Editing User page, valid email addresses are defined.

• Block USB device: Allows you to prevent users from using the devices specified on the Monitored Devices list on the target computers. This option affects all users, regardless of the user filtering settings.

• Notify user on target computer of device blocking: Allows you to define a custom message to be displayed in a balloon notification on the Client computer (maximum 250 characters).

    If you do not select any of these actions, the devices detected will only be displayed in the Session Viewer.


7. Click the Next button, and on the Assigned Clients tab, click the Clients / Client Groups buttons, and then in the pop-up window that opens, select the Clients / Client groups to which the rule will be applied.

NOTE: To find specific Clients / Client groups, enter their names or part of their names in the Search box.


8. Click the Finish button in the bottom right of the page.

9. The rule is now added.

NOTE: If the USB monitoring rule is created while the device is connected to the Client computer, device blocking will not work. For the rule to work, the device first needs to be unplugged and then plugged in again.