- Products
- Learn
- Local User Groups
- Partners
- More
What's New in R82.10?
Watch HereWhen the Agents Attack
A Live Look at Agentic Exposure Validation
AI Security Masters E8:
Claude Mythos: New Era in Cyber Security
CheckMates Go:
CheckMates Fest
Hi, is there a working way to block USB device like flash, external HDD or SSD drive on laptop with harmony endpoint client installed.
Far now, I have created a new policy in Data Protection - General, and in Port Protection, i have blocked all 40 devices, and add a custom new one that targeting Palm OS Devices USB.
And it is not working.
Testing (with windows client version E88.72, and R82 mgmt), with a similar policy to the screenshot above (the only difference was I unticked the 'Allow deletion of file on read-only media' checkbox as well), the storage device gets blocked and there is a pop-up message:
The USB device does appear in explorer:
But attempting to open it gives an access denied message:
Is the desired behaviour that the storage device does not show in explorer at all?
If you are wanting to block all read/write activity to any attached storage device, the settings on the media encryption tab may be better than the port protection tab.
Block all, and add an exception for the specific devices you wish to allow.
i.e.
okay but there is no option to not allowing poping up a file browser tab with USB at first place?
Testing (with windows client version E88.72, and R82 mgmt), with a similar policy to the screenshot above (the only difference was I unticked the 'Allow deletion of file on read-only media' checkbox as well), the storage device gets blocked and there is a pop-up message:
The USB device does appear in explorer:
But attempting to open it gives an access denied message:
Is the desired behaviour that the storage device does not show in explorer at all?
That looks totally correct.
YES, I can accept this as a solution. Thank you.
Explanation in th guid is not so clear.
Can you share entire policy setup for this, because for me it does not work. I can still read, write from and to USB Flash
I've highlighted the elements that I changed:
Have you checked that the endpoint client has correctly updated/applied the relevant policy? e.g.:
it might be a problem, and I know now why 🙂
Let me ask one of my colleagues, I believe he had a case with TAC about this while ago.
Leaderboard
Epsum factorial non deposit quid pro quo hic escorol.
| User | Count |
|---|---|
| 11 | |
| 6 | |
| 2 | |
| 2 | |
| 1 | |
| 1 | |
| 1 | |
| 1 | |
| 1 | |
| 1 |
Tue 07 Jul 2026 @ 03:00 AM (IDT)
Check Point Cloud Firewall - The Cloud Firewall with near 100% Zero Day Prevention built in (ANZ)Tue 07 Jul 2026 @ 05:00 AM (IDT)
Check Point Cloud Firewall – The Cloud Firewall with near 100% Zero-Day Prevention Build In (SEAK)Tue 07 Jul 2026 @ 07:30 AM (IDT)
Check Point Cloud Firewall - The Cloud Firewall with near 100% Zero Day Prevention built in (IST)Thu 09 Jul 2026 @ 10:00 AM (CEST)
Schutz souveräner Workloads: Check Point & die AWS European Sovereign CloudThu 09 Jul 2026 @ 11:00 AM (CEST)
The Cloud Architects Series: Check Point Edge Protection SD-WAN & SASEThu 09 Jul 2026 @ 11:00 AM (EDT)
Tips and Tricks 2026 #9 - What's New with Check Point Email SecurityTue 07 Jul 2026 @ 03:00 AM (IDT)
Check Point Cloud Firewall - The Cloud Firewall with near 100% Zero Day Prevention built in (ANZ)Tue 07 Jul 2026 @ 05:00 AM (IDT)
Check Point Cloud Firewall – The Cloud Firewall with near 100% Zero-Day Prevention Build In (SEAK)Tue 07 Jul 2026 @ 07:30 AM (IDT)
Check Point Cloud Firewall - The Cloud Firewall with near 100% Zero Day Prevention built in (IST)Thu 09 Jul 2026 @ 11:00 AM (EDT)
Tips and Tricks 2026 #9 - What's New with Check Point Email SecurityFri 10 Jul 2026 @ 11:00 AM (IDT)
CheckMates Live Netherlands - Sessie 48: Nieuwe Check Point Workspace SecurityTue 14 Jul 2026 @ 10:00 AM (PDT)
AI Security Masters E11: READY OR NOT: Securing the AI Enterprise 3/5 - AI Workforce SecurityAbout CheckMates
Learn Check Point
Advanced Learning
YOU DESERVE THE BEST SECURITY