Hide this message
Welcome to the NEW Success Center. Search all resources (documentation, videos, training, knowledge base articles) or browse resources by product. If you are unable to find what you are looking for, please contact us at email@example.com
This document describes how to create and configure the USB Defender Local Policy connector on an agent.
The USB Defender Local Policy connector allows an agent to enforce restrictions on USB devices even while the agent is not connected to the manager. Rather than using rules when disconnected, the connector uses a list of permitted users or devices. To do this, the agent compares the fields in all USB device "Attached" events to a locally stored whitelist of users or devices. If none of the fields match an entry on the list, the agent detaches the device.
When the agent is connected to the manager via the network, the manager rule also applies. So any devices listed in the local whitelist must also be in the User Defined Group for authorized devices or the rule takes effect and the device detaches even though it was allowed by the whitelist in the USB Defender local policy. When the agent is connected, both USB Defender Local Policy and the LEM rule are active.
All LEM versions
To configure the USB Defender Local Policy connector:
Note: The authorized devices in the local whitelist must also be in the UDG for manager’s Detach Unauthorized USB rule or the rule on the manager enforces detachment when the laptop is connected to the network. In reverse, if you are using a blacklist and the device is in the USB Local Policy and not in the User Defined Group of the rule, the device still detaches.
Having a device or user in one whitelist or blacklist and not in the other is not recommended and results in inconsistent results.