The policy setting is performed by the system administrator or department administrator.
This section describes by 7.5.1 Operation example including policy setting from operation example 1 to operation example 7.
In File export/read, set as follows:
File Export Utility
Select No in the Export using File Export Utility.
Explorer
Select Yes in File Access Control.
Select Disable in Read Prohibition (Read of Removable Drive).
Select Removable in Specify Drive Type of Export Prohibition.
Individual Identification Function of USB Device
Select Use.
Select Read Only in the File Export Prohibition- Individual Identification Function of USB Device-Detailed Settings window.
In File export/read, set as follows:
File Export Utility
Select Yes in Export using File Export Utility.
Select Export after Encryption Only.
Explorer
Select Yes in File Access Control.
Select Disable in Read Prohibition (Read of Removable Drive).
Select Removable in Specify Drive Type of Export Prohibition.
Individual Identification Function of USB Device
Select Use.
Select Read and Write in the File Export Prohibition- Individual Identification Function of USB Device-Detailed Settings window.
Select Write using File Export Utility Only in the File Export Prohibition- Individual Identification Function of USB Device-Detailed Settings window.
In File export/read, set as follows:
File Export Utilit
Select Yes in Export using File Export Utility.
Select Export after Encryption Only.
Explorer
Select Yes in the File Access Control.
Select Disable in Read Prohibition (Read of Removable Drive).
Select Removable in Specify Drive Type of Export Prohibition.
Individual Identification Function of USB Device
Select Use.
Select Read and Write in the File Export Prohibition- Individual Identification Function of USB Device-Detailed Settings window.
Select Read and Write by File Export Utility Only in the File Export Prohibition- Individual Identification Function of USB Device-Detailed Settings window.
In File export/read, set as follows:
File Export Utility
Select Yes in the Export using File Export Utility.
Select Export Only after Encryption.
Explorer
Select Yes in the File Access Control.
Select Disable in the Read Prohibition (Read of Removable Drive).
Select Removable in the Specify Drive Type of Export Prohibition.
Individual Identification Function of USB Device
Select Use.
In the File Export Prohibition- Individual Identification Function of USB Device-Detailed Settings window, select Read and Write. Do not tick any of subordinate check boxes.
In the Operation Settings of USB Device of USB Device Registration, set as follows:
Select Set Period for Use of USB Device.
In the USB Device Registration window, set as follows:
Select the USB device required to set period for use in List of Registered USB Devices, and set the permitted date of use in Period for Use of USB Device.
In File export/read, set as follows:
Individual Identification Function of USB Device
Select Use.
Select the permitted access settings of use in File Export Prohibition- Individual Identification Function of USB Device-Detailed Settings window.
In File export/read, set as follows:
Individual Identification Function of USB Device
Select Use.
Select Yes in Use of all USB devices registered on the Management Server are permitted of File Export Prohibition- Individual Identification Function of USB Device-Detailed Settings and select the permitted access settings of use.
Click the Update at Next Startup or Update Immediately button, and set policies.
The CT policy will be reflected when the client (CT) is started, and the user policy will be reflected when logging on to the client (CT).
This will be reflected by an immediate update of policy.
Set the following policy to the CT group policy (user group policy) for "Section A".
In File export/read, set as follows:
USB Device Individual Identification Function
Select Use.
In the File Export Prohibition - USB Device Individual Identification Function - Detailed Settings window, set Allow to use all USB devices registered in Management Server to Yes, and select the access settings for permitted use.
Set the following policy to the group policy for "Section B".
In File export/read, set as follows:
USB Device Individual Identification Function
Select Use.
Specify USB devices that, in the File Export Prohibition - USB Device Individual Identification Function - Detailed Settings window, have Identification Method set to Not Available.
This is the setting for allowing only some digital cameras to be used and prohibiting the use of all other digital cameras, scanners and similar.
In File export/read, set as follows:
File Export Utility
In Export using File Export Utility, select Allowed.
Select Only encryption export is allowed.
Windows Explorer
In File access control, select Yes.
In Export Prohibition > Specify drive type, select Removable.
In Portable device/imaging device connection prohibition, select Portable device.
In Portable device/imaging device connection prohibition, select Imaging device.
USB Device Individual Identification Function
Select Use.
In the File Export Prohibition - USB Device Individual Identification Function - Detailed Settings window, add the digital cameras allowed to List of Available USB Devices and select Read and Write. Do not select any of the check boxes under it.
Point
Prohibiting USB device use for a specific client (CT) or user under "Section A"
As in operation example 7, follow the procedure below to set the policy for prohibiting USB device use for a specific client (CT) or user in "Section A".
Select the client (CT) or user for which the policy will be set.
In File export/read, set as follows:
USB Device Individual Identification Function
- Select Use.
- Specify USB devices that, in the File Export Prohibition - USB Device Individual Identification Function - Detailed Settings window, have Identification Method set to Not Available..
Click Update at Next Startup or Update Immediately to set the policy.
CT policy will be reflected when the client (CT) is started. User policy will be reflected at logon.
Policy will also be reflected at immediate update.
