Working with Device Explorer
Default permission rules are created and configured when you install Device Control. These rules include file shadowing and read/write permissions for some devices. An administrator uses the Device Explorer module to define new device permission rules for users, groups, computers, or devices.
With the Device Explorer module of Device Control, Ivanti Device and Application Control administrators can:
- Create and modify permission rules for user access to encrypted removable storage media
- Identify users who must encrypt removable storage media before use
- Manage removable storage media by adding and removing devices from the Ivanti Device and Application Control database
- Define bus types according to device class for assigning user access permission rules
The following types of user access permission rules can be assigned using the Device Explorer:
- Read data
- Read/write data
- No access to data
- Access only encrypted removable storage media
- Create online device access
- Create offline device access
- Schedule device access
- Create temporary device access
- Establish data copying limits
- Encrypt and decrypt removable storage media
- Export and import encryption keys for device access outside of the Ivanti Device and Application Control system
- Device Explorer Window
An administrator uses the Device Explorer hierarchy to create and manage device and computer user groups, as well as, assign permission rules for online, offline, temporary and scheduled device use. The Device Explorer module is also used to create and manage file shadowing rules.
- Managing Devices
When Device Control is initially installed, all removable storage devices that belong to standard Microsoft Windows® device classes are identified and added to the database. You can set up and manage user access permission rules for the different models and specific device types using the Device Explorer.
- Managing Permissions
To define user access permission rules for a device or device class, you must assign one or more users or user groups to the device.