To prevent data leaks, the Device Control option applies rules and exceptions to Allow, Block, or Custom the policy rules on external devices once the antimalware option is applied to the endpoints.
Devices already connected to Qualys endpoints are discovered after you restart the corresponding endpoints.
The set of following exceptions might differ for each Device Class:
The following table lists the Device Class and the exceptions for Windows:
Device Class | Allow | Block | Custom |
Bluetooth Devices | ![]() |
![]() |
PCI, PCMCIA, and USB |
CDROM Drives | ![]() |
![]() |
![]() |
IEEE 1284.4 | ![]() |
![]() |
Others, Firewire, IDE, ISA Plug & Play, PCI, PCMCIA, SCSI, and USB |
IEEE 1394 | ![]() |
![]() |
Others, Firewire, IDE, ISA Plug & Play, PCI, PCMCIA, SCSI, and USB |
Imaging Devices | ![]() |
![]() |
Others, Firewire, IDE, ISA Plug & Play, PCI, PCMCIA, SCSI, and USB |
Modems | ![]() |
![]() |
Others, Firewire, IDE, ISA Plug & Play, PCI, PCMCIA, SCSI, and USB |
Tape Drives | ![]() |
![]() |
Others, Firewire, IDE, ISA Plug & Play, PCI, PCMCIA, SCSI, and USB |
Windows Portable | ![]() |
![]() |
Others, Firewire, IDE, ISA Plug & Play, PCI, PCMCIA, SCSI, and USB |
COM/LPT Ports | ![]() |
![]() |
Others, Firewire, IDE, ISA Plug & Play, PCI, PCMCIA, SCSI, and USB |
Printers | ![]() |
![]() |
Others, Firewire, IDE, ISA Plug & Play, PCI, PCMCIA, SCSI, and USB |
Network Adapters | ![]() |
![]() |
![]() |
Wireless Network Adapters | ![]() |
![]() |
![]() |
Internal Storage | ![]() |
![]() |
![]() |
External Storage | ![]() |
![]() |
Others, Firewire, IDE, ISA Plug & Play, PCI, PCMCIA, SCSI, and USB |
In the following procedure of Device Control, we have selected Bluetooth Device Class as an example:
To unblock a blocked connected device, restart the system or reconnect the device to use it again.
The following screenshot displays an example of the updated changes for the Bluetooth Device Class with the Custom Permission:
Once the device class permissions are configured in the Device Control, you can exclude the devices in the Exclusions step. For more information about device control exclusion, see Exclusion Support.
Was this topic helpful?