Device Control
The Device Control module allows preventing the sensitive data leakage and malware infections via external devices attached to endpoints, by applying blocking rules and exclusions via policy to a vast range of device types.
Note
This module is available for:
Windows for workstations
Windows for servers
macOS
Important
For macOS, Device Control relies on a system extension, which requires user's approval on endpoint.
The system notifies the user that a system extension from Bitdefender was blocked. User can allow it from Security & Privacy preferences. Until the user approves the Bitdefender system extension, this module does not work and the BEST user interface shows a warning message.
To eliminate user intervention, you can pre-approve the Bitdefender extension by whitelisting it using a Mobile Device Management tool. For details about about Bitdefender extensions, refer to Bitdefender system extension blocked in macOS.
To use the Device Control module, you need to follow these steps:
Create an Installation Package that includes the Device Control module, and deploy it on your endpoints.
Enable the Device Control option in the policy applied to these endpoints.
Each time a device is connected to a managed endpoint, the security agent will send information regarding this event to Control Center, including the device name, class, ID and the connection date and time.