From eScan Wiki
||· eScan · MailScan · Technologies||· Technical Info · Security Awareness · User Guides|
eScan Version 11 (and above) Online Help
This module protects your computer or endpoints from data thefts and security threats through USB or FireWire® based portable devices. It comes with an Application control feature, which helps you block unwanted
applications from running on your computer. In addition, this feature provides you with a comprehensive reporting feature that helps you determine which applications and portable devices are allowed or blocked by
This page provides you with information regarding the status of the module and options for configuring it.
- Start / Stop: It enables you to enable or disable Endpoint Security module. Click the appropriate option.
There are two tabs as follows – Application Control and Device Control
1. Application Control
This tab helps you control the execution of programs on the computer. All the controls on this tab are disabled by default.
You can configure the following settings.
- Enable Application Control: You should select this check box if you need to enable the Application Control feature of the Endpoint Security module.
I. Block List
- Enter Application to Block: Enter the name of the application to be blocked from execution.
- List of Blocked Applications: This list contains blocked executables of applications that are predefined by MicroWorld. Each of the applications listed in the predefined categories are blocked by default. In addition, you can also add executables that you need to block only to the Custom Group category. If you want, you can unblock the predefined application by selecting the UnBlock' option. The predefined categories include computer games, instant messengers, music & video players, and P2P applications.
II. White List
- Enable White Listing: Select thic check box to enable the whitelisting feature of the endpoint Security module
- Enter Application to whitelist: Enter the name of the application to be whitelisted / allowed.
- White Listed Applications: This list contains whitelsited applications that are predefined by Microworld. Each of the applications listed in the predefined categories are allowed by default. If you want to block the predefined categories select the block option.
III. Define Time Restrictions
- This option will allow you to Enable / Disable application control feature. This feature helps you to define time restriction when you want to allow or block access to the applications based on specific days and between pre-defined hours during a day. For example - The administartor can block computer games, instant messengers, for the whole day but allow during lunch hours i.e. 1 - 2 pm without violating the Application Control Policies.
2. Device Control The Endpoint Security feature of eScan protects your computer from unauthorized portable storage devices prompting you for the password whenever you plug in such devices. The devices are also scanned immediately when connected to prevent any infected files running and infecting the computer.
You can configure the following settings:
- Enable Device Control: [Default] You should select this check box if you need to monitor all the USB storages devices connected to your computer. This will enable all the options on this tab.
- USB Settings: This section helps you customize the settings for controlling access to USB storage devices.
- Block USB Ports: Select this check box if you want to block all the USB ports.
- Ask for Password: Select this check box, if you want eScan to prompt for a password whenever a USB storage device is connected to the computer. You have to type the correct password to access USB storage device. It is recommended that you always keep this check box selected.
- Use eScan Administrator Password: This option is enabled only when you select the Ask for Password check box. Click this option if you want to assign eScan Administrator password for accessing USB storage device.
- Use Other Password: This option is available only when you select the Ask for Password check box. Click this option if you want assign a unique password for accessing USB storage device.
- Do Virus Scan: [Default] When you select this check box, the Endpoint Security module runs a virus scan if the USB storage device is activated. It is recommended that you always keep this check box selected.
- Read Only USB: Select this check box, if you want to allow access of the USB device in read-only mode.
- Allow user to cancel scan: Select this check box to allow the user to cancel the scanning process of the USB device.
- Disable AutoPlay: [Default] When you select this check box, eScan disables the automatic execution of any program stored on a USB storage device when you connect the device.
- Record Files Copied To USB: Select this check box, if you want eScan to create a record of the files copied from the system to USB drive.
- Record Files Copied To Network: Select this check box, if you want eScan to create a record of the files copied from managed endpoint to the network drive connected to it.
- Record Files Copied To Local: Select this check box, if you want eScan to create a record of the files copied from the one drive to another drive of the system. Please note that if you have Selected " Ignore System Drive" along with this option no record will be captured if the Files are copied from system drive (the drive in which OS is installed) to another drive.
- Ignore System Drive: Select this check box in case of you do not want eScan to record files that are copied from System drive of managed endpoint to either network drive or any local drive.
- Whitelist: eScan provides a greater level of endpoint security by prompting you for a password whenever you connect a USB drive. To disable password protection for a specific device, you can add it along with its serial number to the whitelist. The next time you connect the device it will not ask for a password but will directly display the files or folders stored on the device. This section displays the serial number and device name of each of the whitelisted devices in a list. You can add devices to this list by clicking on the Add button. The Whitelist section displays the following button.
- Scan Whitelisted USB Devices: By default, eScan does not scan whitelisted USB devices. You should select this option, if you want eScan to scan USB devices that have been added to the whitelist.
- You can click on the Add button to enter the Serial number (unique for each USB device ) and Device Name of the USB device to be whitelisted. The Serial Number and the Device Name details are shown in Endpoint security module in eScan Protection Center under the same sub-section. You need to insert the USB device on the eScan server and copy the details onto the eScan web console settings.
- Disable Web Cam: Select this option to Disable Webcams connected
- Disable SD Cards: Select this option to disable the SD cards
- Disable Bluetooth: Select this option to disable Bluetooth
- Block Attachments: Select this option to block all attachments.
- Note:- Click the Default button, if you want to apply default settings, which are done during installation of eScan. It loads and resets the values to the default settings.
DLP (Attachment Control)
The DLP (Attachment Control) feature lets you control attachment flow within your organization. You can block/allow all attachments the user tries to send through specific processes that can be defined. You can exclude specific domains/subdomains that you trust, from being blocked even if they are sent though the blocked processes mentioned before.
You can configure the following settings:
Select this option if you want attachments to be allowed through all processes except a specific set of processes mentioned below.
Select this option if you want attachments to be blocked through all processes except a specific set of processes mentioned below.
Enter Process Name
Enter the name of the processes that should be excluded from the above selection.
This will display a list of process you excluded when you selected the Attachment Allowed option. eScan will block all attachments through this process.
This will display a list of process you excluded when you selected the Attachment Blocked option. eScan will allow all attachments through this process.
Enter Site Name
Enter the name of the websites through which attachments should be allowed irrespective of the above settings.
The websites added above to be whit listed are displayed in this list.