This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES CYBER SECURITY COMMUNITY & FAQ
Create a Post
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
freeman91
Contributor
‎2025-11-10 02:17 AM
Jump to solution

Harmony Endpoint - Block usb flash

Hi, is there a working way to block USB device like flash, external HDD or SSD drive on laptop with harmony endpoint client installed.
Far now, I have created a new policy in Data Protection - General, and in Port Protection, i have blocked all 40 devices, and add a custom new one that targeting Palm OS Devices USB.

And it is not working.

0 Kudos
1 Solution

Accepted Solutions
Ben_Dunkley
Contributor
‎2025-11-11 02:05 AM
In response to freeman91
Jump to solution

Testing (with windows client version E88.72, and R82 mgmt), with a similar policy to the screenshot above (the only difference was I unticked the 'Allow deletion of file on read-only media' checkbox as well), the storage device gets blocked and there is a pop-up message:

 

device-blocked.png

The USB device does appear in explorer:

Screenshot 2025-11-11 100156.png

But attempting to open it gives an access denied message:

Screenshot 2025-11-11 100224.png

 

Is the desired behaviour that the storage device does not show in explorer at all?

 

View solution in original post

(1)
9 Replies
Ben_Dunkley
Contributor
‎2025-11-10 05:48 AM
Jump to solution

If you are wanting to block all read/write activity to any attached storage device, the settings on the media encryption tab may be better than the port protection tab.

Block all, and add an exception for the specific devices you wish to allow.

i.e.

Screenshot 2025-11-10 134629.png

0 Kudos
freeman91
Contributor
‎2025-11-10 05:59 AM
In response to Ben_Dunkley
Jump to solution

okay but there is no option to not allowing poping up a file browser tab with USB at first place?

0 Kudos
Ben_Dunkley
Contributor
‎2025-11-11 02:05 AM
In response to freeman91
Jump to solution

Testing (with windows client version E88.72, and R82 mgmt), with a similar policy to the screenshot above (the only difference was I unticked the 'Allow deletion of file on read-only media' checkbox as well), the storage device gets blocked and there is a pop-up message:

 

device-blocked.png

The USB device does appear in explorer:

Screenshot 2025-11-11 100156.png

But attempting to open it gives an access denied message:

Screenshot 2025-11-11 100224.png

 

Is the desired behaviour that the storage device does not show in explorer at all?

 

(1)
the_rock
MVP Platinum
MVP Platinum
‎2025-11-11 02:57 PM
In response to Ben_Dunkley
Jump to solution

That looks totally correct.

Best,
Andy
0 Kudos
freeman91
Contributor
‎2025-11-12 12:02 AM
In response to Ben_Dunkley
Jump to solution

YES, I can accept this as a solution. Thank you.
Explanation in th guid is not so clear.

0 Kudos
freeman91
Contributor
‎2025-11-13 05:20 AM
In response to Ben_Dunkley
Jump to solution

Can you share entire policy setup for this, because for me it does not work. I can still read, write from and to USB Flash

0 Kudos
Ben_Dunkley
Contributor
‎2025-11-13 06:25 AM
In response to freeman91
Jump to solution

I've highlighted the elements that I changed:

Screenshot 2025-11-13 141915.png

Have you checked that the endpoint client has correctly updated/applied the relevant policy? e.g.:

Screenshot 2025-11-13 142358.png

 

freeman91
Contributor
‎2025-11-13 06:36 AM
In response to Ben_Dunkley
Jump to solution

it might be a problem, and I know now why 🙂

 

Screenshot_7.pngScreenshot_6.png

0 Kudos
the_rock
MVP Platinum
MVP Platinum
‎2025-11-10 06:01 PM
Jump to solution

Let me ask one of my colleagues, I believe he had a case with TAC about this while ago.

Best,
Andy
0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

View All ≫
Upcoming Events

    CheckMates Events