UDT uses inclusion rules to determine which endpoints are connected to UDT both monitored devices that are safe and unsafe. Endpoints that are determined by UDT as unsafe are not covered by the White List rules but can be found in the Rogue Devices resource.
UDT White List determines endpoints using the following rules by default: host name, IP Address, and MAC addresses. With these rules enabled, all endpoints connected to your monitored UDT devices are placed on your white list.
For further information, see: