nitrobit device blocker
Contents
1. nitrobit device blocker User s Guide Page 2 4 nitrobit device blocker User s Guide Content le INESIS eener le 4 TU nd a a EOE 4 Functions of nitrobit device blocker ssssisssssnansmnns 4 System GOMPBONSNI Satter a nennen ste 4 I Installing the SV SUN us serenades ten eenen 5 System requirements nst etende 5 System SOUP wensten nne neden nn tn en 5 UW Defining PONCIE Sharma enden are din nee 6 DEVICES tentdak 7 Defining a device definition oi rere tenor nne dns 7 VOlUME ACCES Sii E PR eene nebe 8 EXCEPTION c A 8 Path EXCODEIDES uisaute sidus eme ssa tn sneden dee 9 Device EKCSD OMR m s nl 9 Define a volume access policy na eroe ur it ennemies 10 Define a volume path exception iniri entrer ne oen is ares ka P 3 nus dec ikRih 10 Define a volume device exception 11 IV Managing Clement nie et SEV a 12 Chent Set P 12 Manual Ista SEO renee sa une 12 Automated Client RolltE usiucs sabina eia ea epa ebo X PERS ue ia pet EA Rh DURS pErK SUAE 12 Automated Client Rollout with an Administrative Installation 12 Automated Client Updates uice eiat terrine 13 Detecting and Resolving Problems 14 Using the Support Data Collection Tool 14 Client Referente saneren dans ues dates nes te enen 15 Registry VAES arenden teen eee ea R EEN S 15 Eee 16 Beg A EN 16 Document Version 1 02. nitrobit device blocker User s Guide Page 3 I Introduction Overview nitrobit device blocker is a Data Loss Prevention DLP product for Microsoft Windows nitrobit device blocker allows the administrator to configure an access policy to devices which a user could use to export confidential information Functions of nitrobit device blocker With nitrobit device blocker the following access policies can be defined Devices Restrict access to COM LPT ports Bluetooth and IrDA devices Volumes Restrict access to fixed disks removable storage CD DVD drives network drives and plug and play storage devices System Components nitrobit device blocker consists of a system service a driver as well as an editor The editor allows the administrator to define various access policies The system service and the driver are responsible to enforce the policies Page 4 4 nitrobit device blocker User s Guide Il Installing the system System requirements nitrobit device blocker can be used on workstations with one of the following operating system e Microsoft Windows 2000 ServicePack 4 e Windows XP e Windows 2003 e Windows Vista System Setup To make use of nitrobit device blocker the software has to be installed on every client computer A server side setup or configuration is not necessary On administration workstations you can use the setup to install the editor and client components manually or automatically F
3. or service names mentioned herein are the trademarks of their respective owners Contact analytig consulting gmbh Hermann Steinhauser Strake 43 47 63065 Offenbach Germany Tel 49 69 1730 9891 0 Fax 49 69 1730 9891 1 E Mail support nitrobit com Web www nitrobit com Page 16 4 nitrobit device blocker User s Guide
4. policy double click the volume type you want to configure First define the default access rule which can be one of the following e No Access Read only e Full Access default 4 nitrobit device blocker Le mt e Plug and Play Storage All storage devices connected via a Plug and Play Bus USB Floppy drives USB Hard disks USB CD DVD drives and USB Memory Sticks belong to this category as well as IEEE 1394 Devices Access Read ony Device Exceptions Add lv A Kingston DT BLACKBOX USB Device Edt Define a volume path exception r Path Exception To add a new volume path exception simply click the _ Add button On the dialog that pops up you can sem ess a select the access rule for this exception and you can enter a path for which the exception is valid ION esM E For a complete description of path exceptions please refer to the chapter Path Exceptions on page 9 Come Le A Page 10 4 nitrobit device blocker User s Guide Define a volume device exception Device Exception Access Full Access Description Kingston DT BLACKBOX USB Device Vendor 1921 Product Serial 0651C38110525893 Select Cancel Description Vendor Product Serial Kingston DT Secure US 2284 8249 0DE13A7072E1C940 Q INTENSO USB USB Device 2316 4096 AA04012900007477 9 Kingston DataTraveler 2352 25907 0
5. 8C12350812368E2 V Samsung Mighty Drive 1256 5667 0749 199203FE Sony Storage Media US 1356 579 2407091461764 JetFlash T54GJFV33U 1423 25479 O03YWQWEY WD 5000BEV External 4184 1796 57442D57584E 59303 Verbatim STORE N GO 5118 7715 070007860BA000CF MEDION USB Device 5421 9016 0200000006DD Maxtor 6 L300RO USB 1659 9479 A604232B6 V SanDisk Ultra Backup U 1921 21813 3514000A2ED2537A L Kingston DT BLACKBOX 1921 21826 0651C3811052B893 4 Ces nitrobit device blocker User s Guide To add a new device exception click the chevron on the Add button and select Device Exception On the dialog that pops up you can select the access rule for this exception Next sn enter a product and vendor ID The serial number is optional If the serial number is omitted the device exception will be valid for the product If you specify a serial number the exception is valid only for this unique device Instead of entering a product and vendor ID you can also select a device by clicking the Select button On the following dialog you can choose between all storage devices that have already been connected to the computer Finally you can enter a description for the exception Page 11 IV Managing Clients Client Setup In order to use nitrobit device blocker you need to install the client component on every workstation You can install the nitrobit device blocker Cli
6. NBPROGRAM c Program Files My folder Automated Client Rollout with an Administrative Installation In addition to command line options you can specify the licensing information during an administrative installation Use the following command line to start the administrative installation Page 12 4 nitrobit device blocker User s Guide msiexec a c myfolder NitrobitDeviceBlocker msi Now you can use the administrative installation package to install clients manually or automatically without the need to reenter client configuration data Automated Client Update You can also automate the Update Process for your clients To update your clients with a new version of nitrobit device blocker use the following sample command line msiexec qn fvoums c myfolder NitrobitDeviceBlocker msi Your installed license key remains intact Note that the qn Option suppresses any dialogs This includes the reboot confirmation dialog 4 nitrobit device blocker User s Guide Page 13 Detecting and Resolving Problems In order to find any problems regarding the nitrobit device blocker client you should check the event log The nitrobit device blocker client reports any error condition to the application event log Moreover you can get a detailed report of the policy enforcement if you raise the logging level to high logging Using the Support Data Collection Tool If you need to collect data for the nitrobit su
7. also define exceptions for each volume type Nitrobit device blocker can enforce the following access rules No access The user cannot read or write any data Read only The user can read files and see directory contents but cannot write to the volume Full access The user has full read and write access to the volume Please note that additional access control mechanisms may exist e g NTFS or share permissions Exceptions Two different kinds of exceptions are available depending on the volume s type Path exceptions Can be defined on all volume types except CD DVD drives Device exceptions Can be defined on plug and play storage volumes Page 8 4 nitrobit device blocker User s Guide Path Exceptions Path exceptions allow to define a different access rule for a given path The access rule consists a path and its access rule If a file is accessed and its path matches the the access rule then the access rule is enforced The path of an access rule can contain wild cards If it does not contain any wild card it will be used as starts with match Therefore Temp is the same as NTemp Environment variables will be substituted For example SUSERNAMES will be replaced with the username of the current user Hard disks and removable media drives can contain a drive letter in the path If it is left out the path will match on all hard disks For example C NTemp will match on the folder Temp on the first h
8. ard disk Temp will match the Folder Temp on every hard disk Plug and play storage devices will get a new drive letter every time they are connected to the computer Therefore using a drive letter in the path rule for removable storage devices is not supported Path rules for network drives are defined by their UNC path even if the network drive is connected through a drive letter Example H is a connected network drive that points to v Nserver homes Nusername the corresponding path rule would be server home Susernames Path exceptions are evaluated in an ordered list The first exception that matches will be used Therefore special cases must be ordered before general cases e g C Temp Download must be ordered before C NTemp Device Exceptions Device exceptions allow to define a different access rule for a specified device The access rule consists of an access rule a vendor ID a product ID and an optional serial number Use the product and vendor ID to target specific devices of the same kind For example a specific USB memory stick product Additionally you can specify the serial number to target a specific device by its unique USB ID Path and device exceptions can even be combined If both a path and a device exception are matching at the same time the more restrictive rule will be enforced nitrobit device blocker User s Guide Page 9 Define a volume access policy To define a volume access
9. ent in different ways If you plan to install a larger number of clients you may consider the automated client roll out options described below Manual Installation In order to install the client component manually you can directly execute the nitrobit device blocker installer file named NitrobitDeviceBlocker msi During the installation you can supply licensing information If no license is submitted the software will run in an evaluation mode You can add a license key later by restarting the setup and choosing the License button i Nitrobit Policy Extensions Setup xj Modify Repair or Remove installation Select the operation you wish to perform Modify Allows users to change the way features are installed Repair Repairs errors in the most recent installation state fixes missing or corrupt files shortcuts and registry entries Remove Removes Nitrobit Policy Extensions from your computer License View or change the license key on this dient lt Back Next Automated Client Rollout The client installation can be automated The property LICENSEFILE can be used to configure the client as needed You can also change the installation directory with the DIR_NBPROGRAM property To submit properties for a silent installation use the following sample command line msiexec i c myfolder NitrobitDeviceBlocker msi qn LICENSEFILE c myfolder Nitrobit lic DIR_
10. or user workstations you can additionally use the group policy based integrated client deployment to install the client component without running a setup program Please have a look at chapter IV Managing Clients on page 12 for further details of the installation Bl nitrobit device blocker Setup nitrobit device blocker Welcome to the nitrobit device blocker Setup Wizard The Setup Wizard will install nitrobit device blocker on your computer Click Next to continue or Cancel to exit the Setup Wizard Cee 4 nitrobit device blocker User s Guide Page 5 Ill Defining Policies nitrobit device blocker can define access policies to certain storage media types as well as certain device types These access policies are managed on a per computer basis and valid for all users on the machine 4 nitrobit device blocker Sa QE Volume lt Hard Disks Ji Removeable Media Drives E a CD DVD Drives Cc Network Drives S m se Plug and Play Storage Devices que COM LPT Ports Q Bluetooth Devices iF IrDA Devices Page 6 4 nitrobit device blocker User s Guide Devices The device management of nitrobit device blocker enables you to activate and deactivate the following device types COM LPT devices Bluetooth devices IrDA devices Defining a device definition In order to define a device definition please carry out the following steps Start the nitrobi
11. pport team or want to collect data from a machine for your own debugging purposes you can use the Data Collection Tool that is shipped with nitrobit device blocker It is located in the Support folder of your installation source and called Support exe r 4 Operation less Operation Please select the operation to perform Pr Welcome to the nitrobit group policy support utility ae df d Please select the operation to be performed below Note that for some operations administraton rights may be required For detailed information please look at the quick reference by clicking You can prepare the Data Collection by raising the nitrobit client Event Log Level to the maximum Further Support exe can collect Data into a Zip File Page 14 4 nitrobit device blocker User s Guide Client Reference Registry Values The client component uses the following registry values stored at HKEY LOCAL MACHINE SOFTWARE Nitrobit nitrobit device blocker LogLevel DWORD Value defining the logging level for EventLog mes sages Values 0 default 1 high License Client License 4 nitrobit device blocker User s Guide Page 15 V Legal Notice analytig the analytig Logo nitrobit and the nitrobit Logo are registered trademarks Microsoft and Windows are registered trademarks of Microsoft Corporation Linux is a registered trademark of Linus Torvalds Unix is a registered trademark of The Open Group Other product
12. t device blocker editor and open the device type for which you would like to add an access rule by clicking on it On the following screen you can activate or deactivate the device rc nitrobit device blocker GL Bluetooth Devices Access Deactivate nitrobit device blocker User s Guide Page 7 Volume Access Through volume access policies nitrobit device blocker helps to control access to external resources on the corporate network This helps to protect corporate networks from leaking confidential information Nitrobit device blocker can distinguish between the following volume types Hard disks Fixed disks installed on the system Drives using hot plug busses like USB do not belong to this category they are categorized as plug and play storage Removable media drives Drives using Floppies SD Cards ZIP and MO Media Drives using hot plug busses like USB do not belong to this category they are categorized as plug and play storage Plug and play storage All storage devices connected via a Plug and Play Bus USB Floppy drives USB Hard disks USB CD DVD drives and USB Memory Sticks belong to this category as well as IEEE 1394 Devices CD DVD drives All CD and DVD reader writer drives Network drives All Network Drives using the Windows CIFS protocol or WebDAV The administrator can control how access to each of these volume types is handled Additionally the administrator can
Download Pdf Manuals
Related Search