Top
Systemwalker Desktop Keeper User's Guide for Administrator
FUJITSU Software
Chapter 8 Change Operating Environment > 8.6 Export Files to Specified USB Device Only > 8.6.3 Set USB devices permitted to be used in policy setting
PreviousNext

8.6.3 Set USB devices permitted to be used in policy setting

The policy setting is performed by the system administrator or department administrator.

This section describes by 8.6.1 Operation example including policy setting from operation example 1 to operation example 7.

Policy setting of operation example 1

In File export/read, set as follows:

  • File Export Utility

    • Select cannot be used.

  • Explorer

    • Select Yes in File Access Control.

    • Select Removable in Read Prohibition

    • Select Removable in Specify Drive Type of Export Prohibition.

  • Individual Identification

    • Select Use.

    • Select Read Only in the File Export Prohibition - Individual Identification Feature - Detailed Settings window.

Policy setting of operation example 2

In File export/read, set as follows:

  • File Export Utility

    • Select can be used.

    • Select Export after Encryption Only.

  • Explorer

    • Select Yes in File Access Control.

    • Select Removable in Read Prohibition.

    • Select Removable in Specify Drive Type of Export Prohibition.

  • Individual Identification

    • Select Use.

    • Select Read and Write in the File Export Prohibition - Individual Identification Feature - Detailed Settings window.

    • Select Write using File Export Utility Only in the File Export Prohibition - Individual Identification Feature - Detailed Settings window.

Policy setting of operation example 3

In File export/read, set as follows:

  • File Export Utility

    • Select can be used.

    • Select Export after Encryption Only.

  • Explorer

    • Select Yes in the File Access Control.

    • Select Removable in Read Prohibition

    • Select Removable in Specify Drive Type of Export Prohibition.

  • Individual Identification

    • Select Use.

    • Select Read and Write in the File Export Prohibition - Individual Identification Feature - Detailed Settings window.

    • Select Read and Write by File Export Utility Only in the File Export Prohibition - Individual Identification Feature - Detailed Settings window.

Policy setting of operation example 4

In File export/read, set as follows:

  • File Export Utility

    • Select can be used.

    • Select Export Only after Encryption.

  • Explorer

    • Select Yes in the File Access Control.

    • Select Removable in the Read Prohibition.

    • Select Removable in the Specify Drive Type of Export Prohibition.

  • Individual Identification

    • Select Use.

    • In the File Export Prohibition - Individual Identification Feature - Detailed Settings window, select Read and Write. Do not tick any of subordinate check boxes.

Policy setting of operation example 5

In the Operation Settings of USB Device of the Device/Media Registration window set as follows:

  • In Deadline of USB Device Use, select Set.

In the Device/Media Registration window, set as follows:

  • Select the USB device required to set period for use in List of registered devices/media, and set the permitted date of use in Period for Use of USB Device.

In File export/read, set as follows:

  • File Export Utility

    • If using the File Export Utility, select can be used.

  • Explorer

    • In File access control, select Yes.

    • If prohibiting reading using Windows Explorer, and so on (not the File Export Utility), select Removable in Read Prohibition.

    • If prohibiting exporting using Windows Explorer, and so on (not the File Export Utility), select Removable in Export Prohibition > Specify drive type.

  • Individual Identification

    • Select Use.

    • Select the permitted access settings of use in File Export Prohibition - Individual Identification Feature - Detailed Settings window.

Policy setting of operation example 6

In File export/read, set as follows:

  • File Export Utility

    • If using the File Export Utility, select can be used.

  • Explorer

    • In File access control, select Yes.

    • If prohibiting reading using Windows Explorer, and so on (not the File Export Utility), select Removable in Read Prohibition.

    • If prohibiting exporting using Windows Explorer, and so on (not the File Export Utility), select Removable in Export Prohibition > Specify drive type.

  • Individual Identification

    • Select Use.

    • In the File Export Prohibition - Individual Identification Feature - Detailed Settings window, set Allow to use all USB devices registered in Management Server to Yes, and select the access settings for permitted use.

Policy setting of operation example 7

Set the following policy to the CT group policy (user group policy) for "Section A".

In File export/read, set as follows:

  • File Export Utility

    • If using the File Export Utility, select can be used.

  • Explorer

    • In File access control, select Yes.

    • If prohibiting reading using Windows Explorer, and so on (not the File Export Utility), select Removable in Read Prohibition.

    • If prohibiting exporting using Windows Explorer, and so on (not the File Export Utility), select Removable in Export Prohibition > Specify drive type.

  • Individual Identification

    • Select Use.

    • In the File Export Prohibition - Individual Identification Feature - Detailed Settings window, set Allow to use all USB devices registered in Management Server to Yes, and select the access settings for permitted use.

Set the following policy to the group policy for "Section B".

In File export/read, set as follows:

  • File Export Utility

    • If using the File Export Utility, select can be used.

  • Explorer

    • In File access control, select Yes.

    • If prohibiting reading using Windows Explorer, and so on (not the File Export Utility), select Removable in Read Prohibition.

    • If prohibiting exporting using Windows Explorer, and so on (not the File Export Utility), select Removable in Export Prohibition > Specify drive type.

  • Individual Identification

    • Select Use.

    • Specify USB devices that, in the File Export Prohibition - Individual Identification Feature - Detailed Settings window, have Identification Method set to Not Available.

Policy setting of operation example 8

This is the setting for allowing only some digital cameras to be used and prohibiting the use of all other digital cameras, scanners and similar.

In File export/read, set as follows:

  • File Export Utility

    • Select can be used.

    • Select Only encryption export is allowed.

  • Explorer

    • In File access control, select Yes.

    • In Export Prohibition > Specify drive type, select Removable.

    • In Portable device/imaging device connection prohibition, select Portable device.

    • In Portable device/imaging device connection prohibition, select Imaging device.

  • Individual Identification

    • Select Use.

    • In the File Export Prohibition - Individual Identification Feature - Detailed Settings window, add the digital cameras allowed to List of Available USB Devices and select Read and Write. Do not select any of the check boxes under it.

Point

Prohibiting USB device use for a specific client (CT) or user under "Section A"

As in operation example 7, follow the procedure below to set the policy for prohibiting USB device use for a specific client (CT) or user in "Section A".

  1. Select the client (CT) or user for which the policy will be set.

  2. In File export/read, set as follows:

    • Individual Identification

      - Select Use.

      - Specify USB devices that, in the File Export Prohibition - Individual Identification Feature - Detailed Settings window, have Identification Method set to Not Available.

Click Update at Next Startup or Update Immediately to set the policy.
CT policy will be reflected when the client (CT) is started. User policy will be reflected at logon.
Policy will also be reflected at immediate update.

PreviousNext
Copyright 2005 - 2018 FUJITSU LIMITED