In what order does GFI EndPointSecurity check devices against Protection Policies?

Answer

When a device is attached to a computer, the GFI EndPointSecurity Agent uses the following priority when checking the device:

1. Allow the device if the logged on user is defined as a Power User
2. Allow the device if the device is Whitelisted
3. Block the device if the device is Blacklisted
4. Allow the device for the user if the user has been granted Temporary Access to the devices on his machine
5. Allow or block the device for the particular user as specified in the Security node for the protection policy deployed on the computer. The priority for the ports / devices can be configured for each protection policy (Refer to the procedure below)
6. Check the files that are being accessed on the device and block access to specific files as specified in the File-type Filter

Configuring the priority for the ports / devices configured in a protection policy

You are able to configure the priority for the ports / devices in Protection Policies by performing the following:

1. Open the GFI EndPointSecurity Configuration
2. Click on the Configuration tab
3. From the left pane, right-click on the protection policy for which you want to set priorities for permissions set and select Security > Set Permissions
4. From the right pane, select the permission for which you want to change the priority
5. You can now increase or decrease the permission set you wish to modify by using the Increase Priority or Decrease Priority from the Actions section in the left pane

Note: Once you modify the protection policy, you will need to re deploy the effected agents by right-clicking on the protection policy you configured and select Deployment > Deploy agent(s)