Desktop Asset Manager Help >> Operation Guide >> Desktop Control Policy >> Peripheral Policy >> Add/Modify Peripheral Policy

Add/Modify Peripheral Policy

This function helps you add or modify peripheral policies.

Operation Procedure

1. Select the User tab, and in the navigation tree of Desktop Asset Manager, select Desktop Control Policy > Peripheral to enter the page listing the peripheral policies.
2. Click Add to enter the page for adding a peripheral policy. To modify a policy, click the link of the policy to be modified.
3. Specify the settings, such as the policy name, description, types of the devices that are not authorized. You can also specify the iNode clients to report information about illegal peripheral use to the server for auditing.
4. Click OK.

Precautions

• Policy names must be unique in the system, and it cannot be changed when you modify the policy.
• A peripheral policy contains at least one peripheral monitoring option.
• Both storage devices and non-storage devices are supported on USB ports. You can configure policies for each type of devices respectively. Usually USB storage devices include USB flash drive and portable hard drive, while USB non-storage devices include USB mouse, USB keyboard, USB printer, USB wireless card, and USB 3G wireless card. The identification of devices may vary. It is recommended to verify what the devices are identified as before configuring peripheral management policies.
• PCMCIA is a generic interface for storage card and 3G wireless card. If you configure a policy to prohibit the use of the interface, devices that connect to the interface are not available.
• Duplicate entries are automatically merged on the USB storage device allowlist or unknown USB device allowlist.

Parameters

• Name: Uniquely identifies a policy.
  
• Report Use of Unauthorized Devices: Specifies whether the iNode clients report the information about illegal peripheral use to the server for auditing.
• Unauthorized Devices: Specifies which devices are not authorized to be used in the network.
• Monitor USB File Transfer: Enables the iNode client to report USB storage write operation on the user terminal to the server.
• Monitor Printer Usage: Enables the iNode client to report the event to the server when the client detects that a printer is connected to the user terminal.
• USB Storage Device Allowlist: The list contains all USB storage devices permitted to be used on the iNode client host. UAM does not support adding USB storage devices to the allowlist. Other USB storage devices are prohibited from being used on the iNode client host.
  To view the VID and PID numbers of a USB device:
  1. Open the device manager and expand the list of Universal Serial Bus controllers.
  2. Right-click the target USB Mass Storage Device and then select Properties from the shortcut menu. The Mass Storage Device Properties window appears.
  
  
  
  3. Click the Details tab and then select Device Instance Id from the list. A string appears.
  
  
  
  You can view the four-digit VID and PID next to the VID_ and PID_ strings, respectively.
• Unknown USB Device Allowlist: List of unknown USB devices that the iNode client can use. The list is available after you select Unknown USB Devices. Each allowlist entry contains a vendor ID and a product ID. Unknown USB devices that are not on the allowlist cannot be used. View the vendor ID and the product ID on this allowlist in the same way you view the vendor ID and the product ID on the USB storage device allowlist.
• Sunlogin Device Denylist: When you select to disable Sunlogin devices, add the vendor ID and product ID of each disabled Sunlogin device to the Sunlogin device denylist.
• Device Unauthorized Message: Select this option and configure the message that the iNode client displays on the device unauthorized by the peripheral policy.

Related Topics

• Delete Peripheral Policy