Device control

Forcepoint Neo device control is a measure of protection that restricts user access to removable storage devices.

Access rules allow administrators to define access control on removable storage devices for users and groups. Access rules can be defined to limit or block copying, modifying, or saving files to removable storage devices from workstations.

The access rule configurations include following permissions both for the default rule as well custom rules defined later:

Table 1. Permissions
Access Permissions Meaning Description
Allow Trust & Monitor (Default Permission) User can read, write, and modify files on the removable storage device.
Block Zero Trust user cannot open, read, or save files to the removable storage device.
Read only Limited Trust user can read files from the device, but cannot save, modify, or copy files to the removable storage device.

The Device control tab displays the default access rule applied, options to create, edit, enable, disable or duplicate custom rules, and also set the Risk adaptive protection levels.