Reference Guide
Security Management Server Virtual v10.2.11 AdminHelp
USB port-level blocking and HID
class
-level blocking is only honored
if we can identify the computer
chassis as a laptop/notebook form
-
factor. We rely on the computer's
BIOS for the identification of the
chassis
.
See advanced settings
Advanced Port Control
Policy descriptions also display in tooltips in the Management Console. In this table, master policies are
in bold font.
Policy Default Setting Description
Windows Port Control
This technology allows for control of all the physical ports on a Windows computer
(disable/enable/bypass), and can be customized by port type.
Subclass Storage: External Drive
Control
Full Access
CHILD of Class: Storage. Class:
Storage must be set to Enabled to use
this policy.
This policy interacts with EMS Access
to unShielded Media policy. If you
intend to have Full Access to media,
also set this policy to Full Access
to ensure that the media is not set
to read only a
nd the port is not
blocked.
Full Access: External Drive port does
not have read/write data restrictions
applied
Read Only: Allows read capability.
Write data is disabled
Blocked: Port is blocked from
read/write capability
This policy is endpoint
-based and
cannot be overridden by user policy.
Subclass Storage: Optical Drive
Control
UDF Only
CHILD of Class: Storage. Class:
Storage must be set to Enabled to use
this policy.
Full Access: Optical Drive port does
not have read/write data restrictions
applied
UDF
Only: Blocks all data writes that
are not in the UDF format (CD/DVD
burning, ISO burning). Read data is
enabled.
Read Only: Allows read capability.
Write data is disabled
Blocked: Port is blocked from
read/write capability
This policy is endpoint
-based and
cannot be overridden by user policy.
Universal Disk Format (UDF) is an
implementation of the specification
known as ISO/IEC 13346 and ECMA
-167
and is an open vendor
-neutral file
265