External Device Control feature in Linux Comodo Client Security act as a security feature that helps in blocking unknown external storage devices like USB sticks or drives accessing the system. At the same time, allows selected devices to connect to the system by adding the devices to exclusion list.
External Device Control Settings using Comodo Client Security for Linux:
Device Control Settings helps to block access to unknown external storage devices that can cause a security threat.
There are two major options available in the Device Control viz,
This option is used to prohibit access to external storage devices. You can define the exclusions to allow the selected devices to connect with the system. Its default value is “Disabled”
Tip: Please make sure the device is already mounted to the system before enabling device control option.
2. Select from Existing Device
3. Select from Custom Device:
The below screenshot shows how to add the VendorID, ProductID, and Serial for the device to be added in the exclusions list.
All devices connection/disconnection events, blocked/unblocked devices details are added to the CCS logs. These logs can be viewed in the “Log Viewer” module. Its default value is “Enabled”.
Once the Device Control Option is enabled, CCS prohibits the unknown external storage devices like USB sticks, from accessing the system. Only the devices that are added in the exclusions list will be allowed to access the system.
The screenshot shows the Device Control Logs that contain the state (Connected/Disconnected) of the device and Permission(Blocked/Allowed) for the device to access the system.
Tip: The below screenshot shows the blocked devices list of the system that can be tested via command ($lsblk).
The below screenshot shows the Configuration Log for devices that are added to the exclusions list. These devices are allowed to access the system.
The below screenshot shows the list of tasks executed since CCS is launched in the system.