NOTICE - This feature is rolling out over the next few months. If you have any questions, contact Support.
Device Control in Nebula allows you to block or restrict access to read-only on USB storage devices. You can exclude USB devices from Device Control by using the allowlist.
This feature requires an Endpoint Agent version of 2.0.0.81 or higher. Confirm an endpoint's version with the Agent version column on the Manage > Endpoints page. To update endpoints, select the endpoints and click Actions > Update Agent. For more information, see Perform actions on endpoints in Nebula.
Note: Exclusions are only supported for USB Storage devices.
Allow USB drives
If a USB device has already been blocked, select the activity on the Device Control > Activity page and click Actions > Add to Allowlist.
Otherwise, proactively add USB devices to the allowlist to override your policy settings and prevent them from being blocked on your endpoints.
To add a USB drive to the allowlist:
- Go to the Allowlist page.
- Click Add device.
- Identify the USB Drive by at least one of the following:
- Vendor name
- Product name
- Serial number
- Select whether to enforce the allowlisting on all endpoints or just endpoints on any of the selected policies.
- Add optional comments.
- Choose whether the rule is enabled or disabled.
- Click Save.
Notes
- To delete a rule, check the checkbox next to a rule and click Delete > Delete.
- To temporarily disable a rule without deleting it, find and disable the toggle under the Status column for the allowlist rule.