Restrictions

The most important options in this tab:

Prohibit use of USB-devices
If this option is enabled users won't be able to work with selected USB-devices. A message will be displayed in the tray about the impossibility of using device, and also event will be generated if enabled.

Whitelist of USB-devices
You can set exceptions when blocking USB devices, in this case you need to add the USB-path of device (each per new line).
You can find these values in the "File operations" report (when copying files to a flash drive), as well as in the "Events: user" report (for flash drive insertion / device blocking events, but only in case these events are enabled at this settings tab).
List example:

USB\VID_0952&PID_11D4\MSFT2546493643654
USB\VID_AD07&PID_0316\A117000036428772623

Ignore sticky keys (activity imitation)
When you enable this option and hold down a key on the keyboard for a long time, its sticking will ignored, this prevents the ability to simulate an activity.

"Black" and "white" lists of applications
You can specify application list for the prohibition/permission of execution, respectively (for Linux only "black" list is supported!).
Each application should be specified from a new line and represent either the full path to the executable file, or only the executable file name itself without a path, or application description in Windows.
You can use environment variables (Windows-only).
Examples:

%WinDir%\Syswow64\regedit.exe
bad_app.exe
Microsoft Office Word
/usr/bin/mc
mc

If the application should be forbidden, a tray message will appear on the user's machine, and the application will be closed.
Windows: it's important to note that only applications with windows fall under control, but hidden system applications - do not!

Prevent commands execution in Linux terminal
You must specify a list of commands (each on a new line) that will be prohibited from running in the graphical Linux terminal.
There is no support for non-graphical sessions (console) in this case!
See also "Events" tab group.
Attention! You can specify special pseudo-command kill_agent to prohibit the most common methods of deleting the client part of the complex.
Examples:

sudo vi -c ':!/bin/sh' /dev/null
sudo openvpn --config "$LFILE"
nc -l -p $LPORT -e /bin/sh
kill_agent

See also computer settings tab "Restrictions"

v10.17 (build: May 28 2024)
Introduction +Software suite structure +Software suite installation +Software suite uninstall +Software suite update -Global settings Database users -Software suite settings General settings description +Server settings +Client settings (computer) -Client settings (user) Common settings Monitoring - Face recognition Monitoring - User time Monitoring - Applications-sites Monitoring - Keylogger Monitoring - Clipboard Monitoring - Screenshots Monitoring - Screenshots (extra) Monitoring - Printing Monitoring - File operations Monitoring - Sending files Monitoring - Mail Monitoring - Chats-calls Monitoring - Shadow copy Monitoring - Black box Monitoring - Geolocation Monitoring - Mobile client Restrictions Threats DLP in text, images, speech Critical apps-sites Atypical behavior Events Events (video) Events (extra) Outsourcing Groups Company structure Work schedules Dossier of employees Sync with AD Risk analyzer Report templates File hashes Tariffs List of users Work with DB SQL-console Journal +Other +FAQ +Technical support	Restrictions The most important options in this tab: Prohibit use of USB-devices If this option is enabled users won't be able to work with selected USB-devices. A message will be displayed in the tray about the impossibility of using device, and also event will be generated if enabled. Whitelist of USB-devices You can set exceptions when blocking USB devices, in this case you need to add the USB-path of device (each per new line). You can find these values in the "File operations" report (when copying files to a flash drive), as well as in the "Events: user" report (for flash drive insertion / device blocking events, but only in case these events are enabled at this settings tab). List example: USB\VID_0952&PID_11D4\MSFT2546493643654 USB\VID_AD07&PID_0316\A117000036428772623 Ignore sticky keys (activity imitation) When you enable this option and hold down a key on the keyboard for a long time, its sticking will ignored, this prevents the ability to simulate an activity. "Black" and "white" lists of applications You can specify application list for the prohibition/permission of execution, respectively (for Linux only "black" list is supported!). Each application should be specified from a new line and represent either the full path to the executable file, or only the executable file name itself without a path, or application description in Windows. You can use environment variables (Windows-only). Examples: %WinDir%\Syswow64\regedit.exe bad_app.exe Microsoft Office Word /usr/bin/mc mc If the application should be forbidden, a tray message will appear on the user's machine, and the application will be closed. Windows: it's important to note that only applications with windows fall under control, but hidden system applications - do not! Prevent commands execution in Linux terminal You must specify a list of commands (each on a new line) that will be prohibited from running in the graphical Linux terminal. There is no support for non-graphical sessions (console) in this case! See also "Events" tab group. Attention! You can specify special pseudo-command kill_agent to prohibit the most common methods of deleting the client part of the complex. Examples: sudo vi -c ':!/bin/sh' /dev/null sudo openvpn --config "$LFILE" nc -l -p $LPORT -e /bin/sh kill_agent See also computer settings tab "Restrictions"
© Scopd