North America
  • North America
  • Europe
  • United Kingdom
  • Asia & Pacific
  • Australia
  • South America
  • Africa

How to Manage External Devices in COMODO Client Security for Linux

Release Time
07/11/2019
Views
155 times


External Device Control feature in Linux Comodo Client Security act as a security feature that helps in blocking unknown external storage devices like USB sticks or drives accessing the system. At the same time, allows selected devices to connect to the system by adding the devices to exclusion list.

 

Features:

  • Unknown external storage devices can be blocked using the Device Control option.
     
  • User can define devices to the exclusions list, which are allowed to connect to the system, whereas others are blocked.
     
  • CCS Logs maintain the logs for Device Control, Tasks launched and Configuration.

 

External Device Control Settings using Comodo Client Security for Linux:

Device Control Settings helps to block access to unknown external storage devices that can cause a security threat.

  • Open Comodo Client Security. Click ‘More’ -> ‘Preferences’ -> ‘Device Control’
     
  • The below screenshots shows the navigation  to the path (Click ‘More’ -> ‘Preferences’ -> ‘Device Control’)
     

 

 

There are two major options available in the Device Control viz, 
 

  1. Enable Device Control
  2. Log detected devices
     

Enable Device Control

This option is used to prohibit access to external storage devices. You can define the exclusions to allow the selected devices to connect with the system. Its default value is “Disabled”

 

 

  1. Add Device Exclusions:
    Devices added in exclusions list can be allowed to access to the system. This can be done in two ways:
    1. Select from 'Existing Device' 
    2.  Select from 'Custom Device'

Tip: Please make sure the device is already mounted to the system before enabling device control option.

       2. Select from Existing Device 

  • Open Comodo Client Security. Click ‘More’ -> ‘Preferences’ -> ‘Device Control’.
     
  • Click the ‘Add’ button -> choose ‘Existing device’ option.
     

  • Select the device to be added to the exclusions list from the dialog “Select devices” that appear. Then click “OK” to make the changes effect.
     
  • Now, the device has been added to the exclusions list and can be allowed to access the system.
     
  • Repeat the process to exclude more devices.
     

 

    3. Select from Custom Device:

  • Open Comodo Client Security. Click ‘More’ -> ‘Preferences’ -> ‘Device Control’.
     
  • Click the ‘Add’ button -> choose ‘Custom device’ option.
     

  • Enter the Vendor identifier(VID), Product identifier(PID) and Serial of the device to be added to the exclusions list.
    For e.g., if VID = 2717 , PID=ff10 and Serial = 41ead65d7d53, add the values inside the dialog like
    usb\VID2717 &PIDff10 \41ead65d7d53.

    Tip: In order to get the above details for a device, execute the command “$lsusb -v” on command prompt. It lists the verbose details for all the USB devices mounted to the system.

The below screenshot shows how to add the VendorID, ProductID, and Serial for the device to be added in the exclusions list.
 

  • Click ‘Apply’ in the ‘Add Custom Device’ dialog.
     
  • Click ‘OK’ in the ‘Preferences’ dialog to make the changes effect.

Log detected devices

 All devices connection/disconnection events, blocked/unblocked devices details are added to the CCS logs. These logs can be viewed in the “Log Viewer” module. Its default value is “Enabled”.

  • Click ‘More’-> ‘View Antivirus Events’ -> ‘More’ -> ‘Device Control Events’
     
  • See “Device Control Logs” for further details.

Once the Device Control Option is enabled, CCS prohibits the unknown external storage devices like USB sticks, from accessing the system. Only the devices that are added in the exclusions list will be allowed to access the system.

The screenshot shows the Device Control Logs that contain the state (Connected/Disconnected) of the device and Permission(Blocked/Allowed) for the device to access the system.

 


Tip: The below screenshot shows the blocked devices list of the system that can be tested via command ($lsblk).
 

 

The below screenshot shows the Configuration Log for devices that are added to the exclusions list. These devices are allowed to access the system.
 

 

The below screenshot shows the list of tasks executed since CCS is launched in the system.