On the General page, you can configure and restrict access to local file system resources:
•Enable the Block data transfer over network option to block data transfer over local networks and the Internet. Note that data transfer is blocked via network protocols NetBIOS and HTTP/HTTPS. Data transfer via the ICMP protocol is allowed.
•Enable the Block sending tasks to a printer option to forbid printer usage from users computers.
•Enable the Check connected USB devices for BadUSB-vulnerability option to verify all devices identified as a keyboard.
•Enable the Control access to the protected objects option to edit the list of the blocked buses and device classes.
You can restrict access to the specified busses and device classes. You can also configure the white list of devices.
Device classes are all devices that perform the same functions (e.g., printing devices). Device buses are communication subsystems for transferring data between functional units of the computer (for example, the USB bus).
This function allows to block one or several device classes on all the buses. You can also block all the devices connected to one or several buses.
|
Use Windows Device Manager if you do not know which class corresponds to your device or which bus corresponds to a certain device class. 1.In Windows Device Manager, find the necessary device. If necessary, expand items of the specified device types. The item that corresponds to the device is its device class (for example, flash drives correspond to the Disk drives class). 2.Select the necessary device, open the context menu, and click Properties. 3.On the Details tab, in the Property drop-down list, select Parent. 4.In the Value field, a string containing Bus\Device UID is specified. For example, the value for a flash drive is USB\VID_1EAB&PID_0501\03421, where USB is a bus that corresponds to the device class. |
To configure the list of the blocked device classes
1.Make sure that the Control access to the protected objects option is enabled.
2.In the Device classes section, click 
to add a device to the Blocked classes list.
3.In the opened window, select all the device classes you want to block. To do that, set the Block flag next to the corresponding item in the list.
4.Click Save.
5.To remove a device from the list, select the corresponding item in the list and click 
.
6.To add other devices, repeat steps 1 and 2.
To configure the list of the blocked buses
1.Make sure that the Control access to the protected objects option is enabled.
2.In the Device buses section, click to add a device to the Blocked buses list.
3.Select device buses you want to block from the drop-down list.
4.Select the classes you want to disable on this device bus. To block the bus entirely, select all classes.
5.Click Save.
6.To remove a device from the list, select the corresponding item in the list and click .
7.To edit the list of classes disabled on this device bus, select the necessary device bus in the Blocked buses list and click 
.
8.To add other devices, repeat steps 1 and 2.
If you want to block all flash drives, 1.Make sure that the Control access to the protected objects option is enabled. 2.In the Device buses section, click 3.Select the USB devices bus from the drop-down list. 4.Select the Disk drives class that will be blocked on this bus. 5.Click Save. If you want to allow access to a certain device, add it to the white list. |
|
Note that stations will not be connected to Dr.Web Server if the following options are enabled: •Block data transfer over network. •Control access to the protected objects > Device classes > Network adapters. These options block all network interaction for stations. At this, you cannot use Control Center to change settings remotely either. |
