1 Reply Latest reply on Mar 9, 2011 3:16 AM by Johann

    Deactivating USB port in LDMS v9.X


      We are looking to understand how we go about restricting access to USB ports in LDMS V9.X. Our security posture requires this and we can do that in our current V8.X implementation and trying to provide that same capability in our planned V9.X upgrade. Can anyone help us with some guidence?

      Thank you

        • 1. Re: Deactivating USB port in LDMS v9.X
          Johann Apprentice

          We had a similar constallation. We migrated from 8.7 to 9.0. As far as I know there is no easy way to migrate your Device Control settings to the new Version.


          The functions in blocking Devices is given in 9.x as it is in 8.x though  it improved in my opinion. You have a much better overview which  devices are allowed and which are blocked. Also I think the way the  Device Control works changed. In version 8.x the drivers were sort of kicked out  when a device was detected which was not allowed, now there is much  more of a service controlling the access (I don't know how this works  exactly).


          The new version provides you with the benefit, that all blocked devices are shown in the Management Suite in realtime. So if anyone plugs in a blocked device, you can see it in the security activity and also add exceptions for the blocked devices.

          As I remember this wasn't so easy with 8.x, here you had to distribute a configuration to all clients right? Now the clients get their configuration through the Sec&Patchs scan.


          We had to create a completely new configuration with adding all the exceptions we had in the prior version. This was a bit of work because we also block drives and cardreaders by default. So we had to wait for the people to call when a device was blocked which was accessible in the past.