Link to home
Start Free TrialLog in
Avatar of sunhux
sunhux

asked on

native Windows / GPO method to permit only specific USB device id to connect

There are various 3rd party tools out there (Digital Guardian or Desktop
Central) that could install agents on isolated (ie no reachability to its
server/management centre) workstations so that we only permit
specific USB (with a device id) to connect to the USB.

Does Windows OS (Win 10, 2019) or GPO has this feature (say by
tweaking in the registry) as we prefer not to add on additional 3rd
party tools to the station?   Appreciate detailed steps to set this up.

In particular we have a SCADA station that we want to permit vendor
to access on a temporary basis to troubleshoot issue (but we'll use
Windows Firewall to permit the vendor's remote IP to come in only).
We don't want the Engineering technicians to stick any other USB
device other than that approved 4G USB modem.
SOLUTION
Avatar of McKnife
McKnife
Flag of Germany image

Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
Avatar of sunhux
sunhux

ASKER

Thanks.

>The internal ways are not very good
By "not very good" means Windows registry/GPO method
can't do the 'whitelisting by specific device'?   ie can only
fully enable or fully disable USB?
ASKER CERTIFIED SOLUTION
Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial