Notification is not displayed on client even though "Notify users when external devices are Allowed" option is enabled.
search cancel

Notification is not displayed on client even though "Notify users when external devices are Allowed" option is enabled.

book

Article ID: 276061

calendar_today

Updated On:

Products

Endpoint Security Endpoint Protection

Issue/Introduction

Notification is not displayed on Endpoint Protection client even though "Notify users when external devices are Allowed" option is enabled, and "Log detected external devices" under "Blocked External Devices" is disabled in Device Control Policy.

<Steps to reproduce>

1. Login to ICDM and create a Device Control Policy like following and assigned it to Windows client.

Blocked External Devices
 - Log detected external devices: Off
 - Notify users when external devices are blocked: On
 - Show a customer notification on the device: [Policy-Block]

Allowed External Devices
 - Log detected external devices: Off
 - Notify users when external devices are blocked: On
 - Show a customer notification on the device: [Policy-Allow]

Device Control rules
 Group by: Windows Rules
Add following rule and set ACTION to [Allow All] .
 - Name: General_USB
 - DEVICE ID: USBTOR*
 - ACTION: Allow All

2. Insert the USB memory stick into the PC and confirm the notification [Policy-Allow] is not displayed.

Also open Explorer on the Windows client and confirm it is mounted as a drive.

3. Edit the Device Control Policy and change Log setting of Block from Off to On.
  Blocked External Devices
   - Log detected external devices: On

  Confirm that the policy is reflected in the Windows client.

4. Insert the USB memory stick into the PC and confirm the notification [Policy-Allow] is displayed now.

Resolution

This issue has been fixed in 14.3 RU9, Notify users when external devices are Allowed" is enabled