nikola_bgd 0 Posted August 24, 2017 Posted August 24, 2017 (edited) Hi, We have a client with the latest version of eset endpoint security that recieved a device control policy from the eset remote administrative server that also has the latest version. The device control policy has a rule which is set to block all device types. We tested this by pluging in different external media into the PC and it is working. However, if we plugin an android phone, we are able to see the phone's data and ssd and copy data between the pc and phone and vice-versa. Is there a way to disallow this activity as well? Edited August 24, 2017 by nikola_bgd
Administrators Marcos 5,451 Posted August 24, 2017 Administrators Posted August 24, 2017 Not all devices can be blocked. Please contact your local Customer care and provide them with: - ELC logs - a Procmon log from the time of connecting the phone to a computer For instructions, see the FAQ section at the right-hand side of this forum. Customer care will properly track the case and relay the logs to developers for analysis.
nikola_bgd 0 Posted August 24, 2017 Author Posted August 24, 2017 Thank you for your reply. I think this is a serious issue for businesses that makes ESET's device control incomplete and very unreliable.
bbahes 29 Posted August 24, 2017 Posted August 24, 2017 12 minutes ago, Marcos said: Not all devices can be blocked. Please contact your local Customer care and provide them with: - ELC logs - a Procmon log from the time of connecting the phone to a computer For instructions, see the FAQ section at the right-hand side of this forum. Customer care will properly track the case and relay the logs to developers for analysis. Are there specific device ID that are not recognized as devices?
Administrators Marcos 5,451 Posted August 25, 2017 Administrators Posted August 25, 2017 For instance, network adapters, keyboards and mice cannot be blocked.
nikola_bgd 0 Posted August 28, 2017 Author Posted August 28, 2017 That's ok, but phone's SSD card is an external storage device. This issue is very disappointing. I see that other security product vendors offer this kind of feature.
Mart3467 0 Posted November 15, 2017 Posted November 15, 2017 Hello, we've got the same problem. Android smartphone isn't shown in devices activity log and not blocked. Why should be block USB when there is no problem to connect smartphone?
bbahes 29 Posted November 16, 2017 Posted November 16, 2017 We have different situation. We want to block smartphone but still be able to access device storage. Users use smartphone as a way to access internet on our internal network, avoiding corporate firewall.
ESET Staff MichalJ 434 Posted November 16, 2017 ESET Staff Posted November 16, 2017 Hello, this is basically valid for all of you. Despite our efforts to support all types of devices, some of them are behaving in a non standard way. We are however able to address those, based on the data provided to us. So in case of any issue like that, I encourage you to open a support ticket, deliver the requested logs. We will proceed with analysis / replication and then implementation of a fix, which could be released either by a module update, or within the next service release of the product.
Mart3467 0 Posted November 17, 2017 Posted November 17, 2017 Hello, you can switch device type in rules. Now all devices are recognized in my case.
Recommended Posts