Yes. You are able to block device models within GFI EndPointSecurity. This is possible by performing the following steps:
- Add the device model you wish to block in the GFI EndPointSecurity device database
- Create a new policy blocking that particular device.
Add the device model you wish to block in the GFI EndPointSecurity device database
- Attach the device model you want to block to a computer. This computer must be accessible by the GFI EndPointSecurity server since it must be scanned using the Device Scan utility in GFI EndPointSecurity
- Logon to the GFI EndPointSecurity server with administrative credentials
- Open the GFI EndPointSecurity Management Console
- Click on the 'Tools' tab and click on 'Device Scan'
- Enter the IP address or computer name of the computer you have attached the device to (in Step 1) under 'Scan target:'
- Ensure you have entered the appropriate administrative credentials to scan the remote machine under 'Scan Details' > 'Credentials'
- Click on the Scan Button
- All the devices which are currently attached to the computer will be listed in the 'Device List'. Right click on the device you wish to block using GFI EndPointSecurity and click on 'Add to devices database'
Create a new policy blocking that particular device
- Within the GFI EndPointSecurity Management Console, click on the 'Configuration tab'
- Expand the Protection Policy you want to change, and click on the 'Security Node' under that protection policy
- Under the 'Common Tasks' section, click on the 'Add permissions(s)..' link.
- Select 'Specific Devices' under 'Control Entities', then click on the 'Next' button to continue
- Find the new device which you have just added to your Device Library. Mark the checkbox near the device you wish to block and click on 'Next' to continue
- Click the 'Add...' button to add any users you wish to this policy. Uncheck the 'Access/Read' and 'Write' checkboxes if you wish to block this device.
- Click 'Finish' to add the new policy to the protection policy
Note: Once the above configuration changes are done, you need to deploy the protection policy updates in order for the changes to start taking effect.