Configuring device blacklist
GFI EndPointSecurity enables you to specify which device(s) can be made inaccessible to everyone. The blacklist is granular, so you can even blacklist a specific device with a specific serial number. You can do this on a policy-by-policy basis.
For an updated list of devices currently connected to the target computers, run a device scan and add the discovered devices to the devices database prior to configuring blacklisted devices. For more information refer to Discovering Devices.
Note
Power users will override any blacklisted devices, and thus will be able to access blacklisted devices.
To add devices to the blacklist of a specific protection policy:
- Click Configuration tab > Protection Policies.
- From Protection Policies > Security, select the protection policy to configure.
- From the right pane, click Devices Blacklist in the General Control section.
Black list options
- In the Black list dialog, click Add… to select devices to add to the blacklist.
Select Devices options
- In the Select Devices dialog enable or disable the devices to add to the blacklist from the Devices list and click Next.
Note
If a required device is not listed, click Add New Device… to specify the details of the device you want to add to the blacklist, and click OK.
Select Devices options - Select device serials
- Select the required serials related option from:
- All serials - to blacklist all serial numbers of a specific device. Click Finish and OK.
- Only selected serials - to specify particular device serial number(s) to be added to the blacklist. Next, highlight the device and click Edit… to specify the serial number(s). Click OK, Finish and OK.
Select Devices options - Edit Device serials
To deploy protection policy updates on target computers specified in the policy:
- Click Configuration tab > Computers.
- From Common tasks, click Deploy to all computers….