If you have restricted access to some device classes or buses, you can allow access to certain devices by adding them to the list of allowed devices.
You can allow access to any types of devices, including removable media (USB flash, floppy, CD/DVD, ZIP drives, etc.), keyboards, printers, LAN adapters and so on. You can also add a certain device to the list of allowed devices to exclude it from the scan for BadUSB vulnerability.
To configure the general list of allowed devices
1.Enable the Grant access only for allowed devices option. The access for allowed devices from the general list is allowed to all users with Dr.Web for Window installed.
2.To add a device to the list, click 
.
3.In the Add devices to the allowed list window, use the following options:
•Select a device in the Previously connected devices field and transfer it to the Devices for adding to the allowed list field using the arrow.
|
You can add the selected element to the Devices for adding to the allowed list field either as a device, or as a mask. The mask allows to exclude the device that generates new ID every time it connects to the station. |
•Specify the device ID manually in the corresponding field and click .
|
Previously connected devices list is available after the station is connected to Dr.Web Server. |
4.Close the Add device to the allowed list window. All the changes are saved when the window is closed.
5.To remove a device from the list, select the corresponding item in the list and click 
.
6.To add other devices, repeat steps 2 and 3.
7.For the devices with file systems, you can configure separate access rules only for reading or for reading and writing. To do this, in the Allowed devices table, enable the Read option to browse the device and the Write option to change it. Write access rights cannot be granted without granting read access rights.
For the devices with file system, you can configure custom access rules for individual users and user groups.
To set custom rights for individual users and groups of users
1.In the Allowed devices table, select a device with the file system to configure access to. Click 
. The Setting access rights for window opens.
2.Select a user group or an individual user (see Types of user settings) on the left side of the window. Transfer the user group or individual user to the Groups with custom access rights field using the arrow.
3.Enable the Write option to grant full access rights. The Read option allows the user only to browse device.
4.Close the Setting access rights for window. All the changes are saved when the window is closed.
To configure the list of allowed devices for groups of stations
1.Select the corresponding group of stations.
2.Open the Allowed devices section.
3.To add a device to the list, click .
4.In the Add devices to the allowed list window, select a station. The list of devices previously connected to this station opens.
5.Select a device in the Previously connected devices field and transfer it into the Devices for adding to the allowed list field using the arrow. Device ID will appear in the Specify the device ID manually field.
|
You can add the selected element to the Devices for adding to the allowed list field either as a device, or as a mask. The mask allows you to exclude the device that generates new ID every time it connects to the station. |
6.Close the Add device to the allowed list window. All the changes are saved when the window is closed.
7.To remove a device from the list, select the corresponding item in the list and click .
8.For the devices with file systems, you can configure separate access rules only for reading or for reading and writing. To do this, in the Allowed devices table, enable the Read option to browse the device and the Write option to change it. The rules for devices with file systems can be specified also for user groups and individual users.