This feature allows you to manage access to storage devices by permitting or blocking their use. This helps limit the use of USB drives and only allows specific devices. It provides greater security and control over available resources.
1 - How to list IDs (if they are not already defined)
Use the script 'listUSB.ps1' (refer to the end of the article) to get the removable device information (vendorsID, ProductID, Serial number):
- Ensure that the device is connected to the endpoint,
- Launch powershell in administrator mode.
- If the script does not launch, use the following command to allow Powershell to do so:
2 - Configuring Permissions :
After obtaining the device information, please follow these steps:
- Sign in to the Nucleon console,
- Click on the 'Policies' tab :
3. Select the policy where you want to make changes :
- The policy will be activated on the agent once it retrieves its configuration during its next heartbeat.
- Filtering is automatically applied to all endpoints associated with this policy.
4. Add the device information (vendorsID, ProductID, Serial number) in this section : 
- By default, if no identifiers (vendor ID, product ID, or serial number) are specified, all external storage are permitted.
- You can apply filters based on a specific brand using the vendor ID, a particular model using the product ID, or a specific device using the serial number.
- Multiple values may be defined; however, at least one valid value must be present for the connected device to allow access.
- To block all USB devices, enable the USB blocking application.
5. Then, click on 'Apply & push to endpoints' to apply the update :
Was this article helpful?
That’s Great!
Thank you for your feedback
Sorry! We couldn't be helpful
Thank you for your feedback
Feedback sent
We appreciate your effort and will try to fix the article