This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES CYBER SECURITY COMMUNITY & FAQ
Create a Post
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
inadmin1
Participant
‎2022-08-26 04:44 AM

blocking USB pen drive

Hi, is it possible to block Pen (USB) disk on key drives?

13 Replies
_Val_
Admin
Admin
‎2022-08-26 07:43 AM

Yes

0 Kudos
inadmin1
Participant
‎2022-08-26 09:02 AM
In response to _Val_

How?

0 Kudos
Chris_Atkinson
MVP Platinum CHKP MVP Platinum CHKP
MVP Platinum CHKP
‎2022-08-26 08:28 PM
In response to inadmin1

Using Media Encryption & Port Protection (MEPP) features of Harmony Endpoint.

https://sc1.checkpoint.com/documents/Infinity_Portal/WebAdminGuides/EN/Harmony-Endpoint-Admin-Guide/...

CCSM R77/R80/ELITE
inadmin1
Participant
‎2022-08-26 10:12 PM
In response to Chris_Atkinson

The link is dead...

0 Kudos
Chris_Atkinson
MVP Platinum CHKP MVP Platinum CHKP
MVP Platinum CHKP
‎2022-08-26 11:33 PM
In response to inadmin1

Not sure why following the link isn't working, just search the admin guide from support centre for Harmony Endpoint.

Section: "Configuring Media Encryption & Port Protection"

CCSM R77/R80/ELITE
0 Kudos
inadmin1
Participant
‎2022-08-27 12:09 AM
In response to Chris_Atkinson

Under port protection, the only thing that i saw there was "Windows_CE_Devices_USB".

It did not block access to USB stick/pen drive.

0 Kudos
Chris_Atkinson
MVP Platinum CHKP MVP Platinum CHKP
MVP Platinum CHKP
‎2022-08-27 02:06 AM
In response to inadmin1

Suggest investigating auto device discovery further e.g.

https://community.checkpoint.com/t5/Endpoint/Allow-only-authorized-USB/td-p/68039

CCSM R77/R80/ELITE
0 Kudos
inadmin1
Participant
‎2022-08-27 03:01 AM
In response to Chris_Atkinson

but that explains how to exclude certain drives. I am at the previous stage- trying to block globally.

0 Kudos
Chris_Atkinson
MVP Platinum CHKP MVP Platinum CHKP
MVP Platinum CHKP
‎2022-08-28 03:31 AM
In response to inadmin1

How did you configure the default read/write settings or rather what configuration have you done?

CCSM R77/R80/ELITE
0 Kudos
TNatCLS
Explorer
‎2024-10-10 06:17 AM
In response to _Val_

Hi. I have the same question. I read the user guide here, and I am in the right place in the UI, but the list of ports does not specify a USB drive for windows.  How do I prevent USB (removable) storage from being used?

0 Kudos
alexeim
Employee Alumnus
Employee Alumnus
‎2024-10-24 08:08 AM
In response to TNatCLS

That works not on the port level, but on file IO level. Look for read/write policy settings for removable media. Untick "Allow unencrypted data" in read section and select "Block Any Data" in write section.

When you get removable storage media blocked you can create exclusions for specific drives based on the list of discovered devices.

0 Kudos
Mitja-S3NEXT
Collaborator
‎2024-10-24 10:28 AM

 
Windows Portable Devices - option blocked - in the port protection custom settings should solve the problem
 

 

 

Preview file
10 KB
0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

View All ≫
Upcoming Events

    Sort by:
    CheckMates Events