Device Guard is a FireEye Endpoint module designed to monitor and/or restrict access to USB devices belonging to class Mass Storage or MTP (Media Transfer Protocol). When enabled, it allows administrators to configure a class-based blocking of USB devices on endpoints. Further granular controls allow administrators to create exemptions to these class-based policies to allow/disallow USB mass storage or MTP devices based on their hardware parameters such as Product name, Vendor name and Serial number.
This technical preview release of Device Guard 0.7.0 is supported on Endpoint Security Server 5.0 with Agent 32.30.x and later. This module is supported on Microsoft Windows 7 and newer operating systems to monitor and/or restrict access to USB devices belonging to class Mass Storage or MTP (Media Transfer Protocol).
As this is a tech preview module, the usual support SLAs don’t apply to the module. You can also provide feedback to the module team through the email listed below.
Note: Please install Device Guard initially on a small test hosts and watch for any system or device compatibility issues before deploying widely in production. It is recommended to stagger the deployment of the Device Guard module in a production environment. In case of incompatibly issues encountered once the module is deployed, a staggered deployment helps identify problems early on in the environment.
|Resources:||Device Guard User Guide|
|Enforcing USB device control policies with the Device Guard Module (Video)|
|Last Updated:||September 16, 2021|
|Requirements:||FireEye Endpoint Security 5.0 with xAgent 32.30.x|