Good day Fortinet Family,
I am use to Symantec Endpoint Protection (SEPM) and other security management endpoint applications where i can block USB/removable storage media excluding mouse, keyboard etc as it was easier, especially with SEPM.
How can achieve this with Forticlient EMS 7.2?
In my Forticlient admin portal, I am at the section under MALWARE PROTECTION where you can block removable media, but some scary stuff here, when i select "block" it says that keyboard and mouse will be blocked as well LOL. I am also seeing some simple/regular expression fields to fill out some exclusions, I guess.
Then i came upon this post.
https://www.reddit.com/r/fortinet/comments/mpdtcq/forticlient_ems_never_ever_block_default/
I created a test environment with a test policy, profile and OU, adding only one laptop to this and trust me, i applied the block option and NOTHING works on the laptop.
Can someone tell me how to only block removable stage while allowing other important usb devices like the mouse and keyboard?
Solved! Go to Solution.
Nominating a forum post submits a request to create a new Knowledge Article based on the forum post topic. Please ensure your nomination includes a solution within the reply.
FortiClient EMS processes all rules like a firewall about removable media (Up to down). Firstly, you need to allow HID. You can use a class attribute for that. After that, you can configure rules for anything you want to block or allow. For example, you can use it like that. It should be work that way.
Hello NeoRant,
Thank you for using the Community Forum. I will seek to get you an answer or help. We will reply to this thread with an update as soon as possible.
Thanks,
FortiClient EMS processes all rules like a firewall about removable media (Up to down). Firstly, you need to allow HID. You can use a class attribute for that. After that, you can configure rules for anything you want to block or allow. For example, you can use it like that. It should be work that way.
Thank you @ozkanaltas , I did exactly this before seeing this solution. God bless you, you are a master.
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1705 | |
1093 | |
752 | |
446 | |
230 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.