Allowing or blocking devices on client computers

You use an Application and Device Control policy to configure device control. Before you begin, add any devices you need to the
Hardware Devices
list. See:
As of 14, you can configure both Windows and Mac device control.
  1. To allow or block devices on client computers
  2. Option 1:
    To configure device control for Windows clients, in the console, open an Application and Device Control policy.
  3. Click
    Device Control
    .
  4. Under
    Blocked Devices
    , click
    Add
    .
  5. In the
    Device Selection
    window, select one or more devices. Make sure that if you block specific ports, then you exclude devices if necessary.
    Typically, you should never block a keyboard.
  6. Click
    OK
    .
  7. Under
    Devices Excluded From Blocking
    , click
    Add
    .
  8. In the
    Device Selection
    window, select one or more devices.
  9. Check
    Notify users when devices are blocked
    if you want to notify the user.
  10. Click
    OK
    .
  11. Option 2:
    To configure device control for Mac clients (as of 14), in the console, open an Application and Device Control policy.
  12. Under
    Mac Settings
    , click
    Device Control
    .
  13. Under
    Blocked Devices
    , click
    Add
    .
  14. In the
    Device Selection
    window, select a device from the list. You can only add one device at a time.
    Fill in the fields at the bottom of the window, if available. If you leave the fields blank, all devices of this type are blocked.
    You can also use regular expressions to define device vendor, device model, or serial number. See the Help in the
    Mac Device Control
    window for more information.
    To obtain the serial number, model number, or vendor name from a Mac-connected device, use the DeviceInfo tool from the installation file. You can find this tool and its instructions under
    Tools/DeviceInfo
    .
  15. Click
    OK
    .
  16. Under
    Devices Excluded From Blocking
    , click
    Add
    .
  17. In the
    Device Selection
    window, select a device from the list, define the excluded devices, and then click
    OK
    .
  18. Check
    Notify users when devices are blocked
    if you want to notify the user.
  19. Click
    OK
    .