F-Secure Device Control not blocking "write access" or "executable launching" on USB mass storage de

This discussion has a more recent version.

Issue:

  • User attaches a USB mass storage device but F-Secure Device Control does not block access to it.
  • Admin has disallowed writing to removable storage devices, this works correctly on USB thumb drives, however external USB disk drives can still be written to. How to ensure that writing to external disk drives is also blocked just like the USB thumb drives?

Resolution:

Note: This article is relevant to all F-Secure products using Device Control: F-Secure Client Security 13 and 14, F-Secure PSB Computer Protection and PSB Server Protection. 

In some cases external USB disk drives report themselves to Windows as standard drives, and due to this Device Control sees them as normal drives instead of external. In the event that USB thumb drives are blocked but not external disks, try the following:

Device Control has an advanced device type recognition logic which is disabled by default, but can be activated by registry manipulation:

  1. Under the registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\F-Secure Gatekeeper\Parameters create a value of type DWORD with name EnableHotplugResolving and set the value to 1
  2. run cmd.exe with administrator priviledges 
  3. net stop fsulhoster
  4. net stop "f-secure gatekeeper"
  5. net start fsulhoster
Test this out as it should resolve the problem.

Article no: 000006258

Sign In or Register to comment.