DriveLock Customer Forum
Information
24 results found
-
COM Port Management
We would like to control and manage COM Ports (especially Virtual COM Ports, USB-Serial adapters) in the same way per whitelist rules equal to Drives or other devices like Smartphones, HID devices etc.
In short, possibility of User and Computer combination.
1 vote -
Enforce maximum temporary unlock time in DOC
it was possible to enforce a maximum duration for temporary unlock set by the mmc through policy settings. This capability is now gone with the DOC and it makes possible for administrators / helpdesk users to set very long time in order to please end users. It should be possible to define a maximum unlock time in order to enforce company policy like it was the case before the DOC.
1 votePM-1880
-
Verknüpfung beim Inhaltstest von Dateien sollte frei wählbar sein
Bei bspw. klassifizierten Dokumenten nach ISO 27001 sollte es möglich sein den Inhaltstest bspw. so zu definieren z.B. Typdefinition docx und ("Intern" oder "Öffentlich") und nicht ("Vertraulich" oder "Streng Vertraulich") . So kann sichergestellt werden das nur docx-Dateien exportiert werden dürfen die als Intern oder Öffentlich klassifiziert sind. Für diesen Ansatz müssten bestimmt Regeln auch negiert werden können.
1 vote -
Dateitypdefinitionen: Eigenschaften im Footer der Datei Prüfen
Um eine noch feinere Filterung von Dateitypen zu definieren, wäre eine zusätzliche Prüfung auf den "footer" der Datei in meinen Augen sinnvoll. Beispielsweise wäre hier GnuPG zu nennen wo man dann auf "--BEGIN PGP PUBLIC KEY" und "--END PGP PUBLIC KEY" prüfen kann und nur wenn beide als positiv zurückgegeben werden, die Datei auch freigegeben wird
1 vote -
Erkennung von "embedded Files" in Office bzw. PDF Dateien
Derzeit erkennt DriveLock leider keine "embedded Files" in MS Office oder PDF Dateien. Aus Gründen der Sicherheit wäre es erforderlich das DriveLock diese erkennt und mit dem Filter für erlaubte Files abgleicht. So kann sichergestellt werden das bspw. keine ausführbaren Dateien über diesen Weg "geschleust" werden. Also wären z.B. Bild und Video Dateien als "embedded" erlaubt aber eben keine *.exe Dateien.
2 votes -
USB-Laufwerke aus Regeln entfernen
Es sollte möglich sein, dass Einträge aus bestehenden Laufwerksregeln (DOC - Sicherheitskontrollen - Laufwerke - Regeln) entfernt werden können, indem man die entsprechenden Laufwerke unter DOC - Inventar - Geräte - Laufwerke vorher selektiert hat.
1 vote -
Possibility to define online remote unlock similar as the SelfService group settings
While unlocking BitLock2Go encrypted sticks via remote unlock the access is only granted to user (which are not in the allowed list) if in the Remote Unlock Wizard the option "deactivate enforced encryption".
We would therefore like to have an option to set this checkbox always similar to selfservice groups where this is possible to be (Optional) set / disabled. This could be for example a role permission which is enabled for the helpdesk role.2 votes -
SB-Freigabe weiter einschränken als Geräte-Typ
In den Eigenschaften einer SB-Freigabe ist es lediglich möglich einzuschränken, ob Laufwerke / Geräte / Smartphones etc. freigegeben werden können. Es kann nicht weiter differenziert werden, welche Geräteklassen freigegeben werden können z.B. sollen nur USB-Controller freigegeben werden dürfen nicht aber Smartcard readers o.ä. .
2 votes -
Enable Filter/Searching in old Policy
Currently when you open a old Version of a Policy lots of options in a device collection are disabled. You can't filter or export the list.
Either being able to filter the list directly or being able to export it as a csv would help us tremendously to check what devices where in that older version.
Currently our workaround requires exporting the whole policy. Creating a new temporary Policy. Loading the settings from the exported policy. And then searching for our required information. Afterwards deleting the policy.1 vote -
Seperate Permissions to Add / Delete Devices from a Device Collection
Currently in depth Whitelist rules can only be set in the Management Console. In there we mostly work with Device Collection. We set a rule with a certain behavior, people it affects, etc. and then connect it with a Device Collection. After that the main effort is in adding new devices to that Device List.
We would like to split the administrative load and have main administrators that set up rules and policies. And then we would like a seperate user group with limited permissions that can only add or remove devices from existing device collections. It is important for…
1 vote -
Ability to disable Logging for specific uses of the Usage Policy
When using a Usage Policy with different rules we would sometimes not want the rule to be logged with our enterprise Service (or at least be able to filter it out of our log).
Example:
We have one Rule that creates Usage Policies that we want to see to validate the device daily and add it to the permanent whitelist.
We have a different rule where we would like to show a Usage Policy to that user group for certain devices they connect. We have no need to see this Log in our DOC.Right now we either get all…
1 vote -
Ability to create rule specific Usage Policy text
As an Admin I have a wide variety of use cases for Usage Policys. Sadly right now it seems I can only set one Custom Text for the Usage Policy.
In a optimal situation I would like to display different Text of the Usage Policy depending on what rule is triggered.
Example:
Rule 1 is triggered for HID and tells the user HID devices are allowed if they have been provided by the Company.
Rule 2 is triggered for a special Testing Group within the organisation for every printer that is usually blocked. This tells them they can use this…1 vote -
Want to remote write volume.id files (from DOC).
We do need a feature to write volume.id files remotely.
This should be implemented via DOC.
We can not install the DMC everywhere on clients, just to write
a volume.id. Also the device (production machines) are to heavy
to carry them into the IT department for whitelisting.
Signing the volume.id with password would be fine for us,
we don't need it full implemented, like signing with certificates.2 votes -
Analog zur Cross-Network Protection bei WIFI soll diese auch bei 2 LAN Verbindungen blockieren können
Drivelock bietet bereits die Funktionalität bei einer bestehenden Ethernetverbindung WIFI zu blockieren. (adminhdb S136 4.1.2). Der Wunsch ist nun das bei einer bestehenden EthernetVerbindung eine weitere EthernetVerbindung (egal welcher BUS) automatisch blockiert werden kann, um so auch ein Bridging mittels 2 LAN Adaptern zu unterbinden.
1 vote -
Format BitLocker2Go USB removables like in Encryption2Go
In Encryption2Go it is possible to format the USB removables before encryption and keep the data if necessary - these options are completely missing in BitLocker2Go.
4 votesWe will follow up on this idea, taking into account the voting in this forum, among other aspects, for inclusion in the detailed product backlog for the next version.
-
Configure automatic temporary unlock in the future (from time x to time y)
We have repeated requests for USB releases for specific time periods in the future. Would it be possible in the helpdesk temporary unlock window to select a period in the future with time and date specification?
1 voteWe will pursue this idea further, taking into account the voting in this forum, among other aspects, before including it in the detailed product backlog for the next version.
-
Permanently unlock devices directly from within the DOC
With 2021.2 permanently unlocking single drives has become easier than ever before. It would be great to have the same capability for other devices like cameras, smartphones.
Unlocking applications previously blocked by DriveLock application control has been added with 2022.1.1 vote -
USB tethering
Add an option to block connecting to the Internet by using usb tethering on your smartphone (android and apple).
Usb tethering creates a Remote NDIS based Internet Sharing Device.
11 votes -
Share "wireless" screen content via USB
Dear DriveLock Team,
It would be very useful to enable a class of devices that can transfer the desktop screen content via USB (Click2Share in customer meeting rooms). For example, similar to the cell phones. Possibly this can also be released semi-automatically and not wait for the IT release.2 votes -
Network Bridging: enable temporary deactivation
Hello,
We are looking for a solution how to disable network bridging in a simple way for a short time.
We are currently deploying only one policy and do not want to switch to a second policy just to disable bridging. Is it possible that something like this will be implemented in the future? As soon as I temporarily unlock the computer that I also have the option to disable bridging?
1 vote
- Don't see your idea?