Configuring Peripheral Device Access; Creating A Custom Action; Changing An Existing Action - Check Point HARMONY R81 Administration Manual

Configuring Peripheral Device Access

Peripheral devices cannot be encrypted and do not contain storage. These predefined actions
define which peripheral devices can be used with an endpoint computer.
Action
Allow connecting essential
devices (keyboard, mouse, and
network adapters)
Block all transmitting devices
(Modem, Bluetooth, IrDA, Wi-Fi)
Allow connecting all peripheral
devices
You can also create and change your own custom actions.

Creating a Custom Action

To create a new custom action:
1. In the Media Encryption & Port Protection rule, right-click the Peripheral Device action
and select Create Custom.
2. In the Peripheral Device Access window, enter a unique action name and, optionally,
textual comments.
3. For each device in the list, change the Access Type as necessary (Allow or Block).
4. For each device in the list, change the Log settings as necessary:
n Log - Create log entries when a peripheral device is connected to an endpoint
computer (Action IDs 11 and 20)
n None - Do not create log entries
5. Optional: Add new devices as necessary.

Changing an Existing Action

To change an existing action definition:
1. In the Media Encryption & Port Protection rule, right-click an action and select Edit
Properties.
Configuring Peripheral Device Access
Description
Access to necessary peripheral devices for basic
computer functionality is allowed. Other peripheral
devices are blocked.
Access to transmitting peripheral devices is blocked.
Other peripheral devices are allowed.
Access to all devices that cannot be encrypted or do
not contain storage is allowed.
R81 Harmony Endpoint Server Administration Guide | 256