Submit a ticketCall us

AnnouncementsFace your biggest database issues head-on

Our new eCourse helps you navigate SQL Server performance blocks by teaching you how to recognize and deal with the three DBA Disruptors: Performance Hog, Blame Shifter, and Query Blocker. Register today to learn how to defend your environment and fend off menacing disruptions.

Register for your free eCourse.

Home > Success Center > Log & Event Manager (LEM) > LEM - Knowledgebase Articles > Configure USB Defender to allow or disallow specific user groups

Configure USB Defender to allow or disallow specific user groups

Table of contents
Created by Jason Dee, last modified by MindTouch on Jun 23, 2016

Views: 1,521 Votes: 0 Revisions: 3

Overview

This article provides steps on how to configure USB Defender to allow or disallow specific user groups. By default, the Detach Unauthorized USB Device rule detaches any USB devices that are not specified in the Allowed USB Devices User Defined Group. 

Environment

  • All versions of LEM 
  • USB Defender

Steps

  1. Go to Build > Rules and edit your Detach Unauthorized USB Device rule.
  2. Add an additional condition in the Correlations section that looks like:
    SystemStatus.SourceAccount = YOURDEFINEDGROUP (EQUAL sign to include) 
    or
    SystemStatus.SourceAccount != YOURDEFINEDGROUP (NOT EQUAL sign to exclude)

    NOTE: YOURDEFINEDGROUP can be either a User Defined Group that you created or a Directory Service Group that you imported under Build > Groups. Both of these options will have their own section on the left side of the screen while editing your rule.

 

Last modified

Tags

Classifications

Public