Agregar una USB a dipositivo de confianza.

[Iván Pedraza]

Hola que tal, quería ver si me pueden ayudar a permitir solo ciertos USBs en mi Kaspersky, lo he intentado añadir a dispositivo de confianza mediante el ID del dispositivo que me arroja el Kaspersky el cual es el siguiente:

USBSTOR\DISK&VEN_SMI&PROD_USB_DISK&REV_1100\CCYYMMDDHHMMSSYTZBWD&0

Pero yo al intentar agregarlo no me aparece, ¿saben que podría estar haciendo mal?

Como se ve en la foto arriba lo escribo pero abajo no me aparece nada.

Inclusive si lo intento agregar por modelo no me aparece mi USB, ¿habrá forma de poder agregar mi USB en este apartado?

Este es el mensaje de error que me llega:
Buenos días:

Por favor, autorice el acceso a operaciones con el dispositivo SMI USB DISK USB Device que se ha bloqueado de acuerdo con la regla de acceso al dispositivo.

Parámetros del dispositivo:
Tipo de dispositivo: Unidades extraíbles
Nombre del dispositivo: SMI USB DISK USB Device
Modelo: VEN_SMI&PROD_USB_DISK
ID del dispositivo: USBSTOR\DISK&VEN_SMI&PROD_USB_DISK&REV_1100\CCYYMMDDHHMMSSYTZBWD&0

Detalles de la operación:
Equipo: X
Usuario: NT AUTHORITY\SYSTEM
Tipo de operación bloqueada: Leer
Fecha y hora de inicio: 10/11/2023 10:58:08 a. m.

 

[ElvinE5]

I checked it at my stand, the device was perfectly calculated both by full name and by part.

Assuming that information about your connected device has not yet reached the server. You can select from the list only those devices for which information is available on the KSC - this happens when the devices are connected to your PC, and the administration agent transmits the information to the KSC server.

To check, when you begin the adding process, you should see many devices from your entire network in this list.

Спойлер

If not, check to see if this information has been sent to KSC.

1. If you have a ground-based solution, the KSC server is inside the company network. In the policy for the KES 12.xx client, in the "general" - "Reports and Storage" section, make sure that the necessary items are checked

Спойлер

Спойлер

 

2. If you use Kaspersky Security Cloud Consol - a cloud solution, then these parameters are not enabled there by default... accordingly, information is not transferred...

Спойлер

 

I hope this information will help you

[Iván Pedraza]

On 11/12/2023 at 11:36 PM, ElvinE5 said:

I checked it at my stand, the device was perfectly calculated both by full name and by part.

Assuming that information about your connected device has not yet reached the server. You can select from the list only those devices for which information is available on the KSC - this happens when the devices are connected to your PC, and the administration agent transmits the information to the KSC server.

To check, when you begin the adding process, you should see many devices from your entire network in this list.

  Hide contents

If not, check to see if this information has been sent to KSC.

1. If you have a ground-based solution, the KSC server is inside the company network. In the policy for the KES 12.xx client, in the "general" - "Reports and Storage" section, make sure that the necessary items are checked

  Hide contents

  Hide contents

 

2. If you use Kaspersky Security Cloud Consol - a cloud solution, then these parameters are not enabled there by default... accordingly, information is not transferred...

  Hide contents

 

I hope this information will help you

Hola, seguí todos tus pasos y ahora si me aparece el USB en la consola.

Como podemos ver ya la agregue a los dispositivos de confianza

En base a lo que dice la descripcion comenta que va a permitir acceder a todos los dispositivos de confianza a la PC.

Esto es lo que tengo en la parte de buses de conexion, en teoría debería de funcionar el USB ya que esta en dispostivo de confianza.

Mas sin embargo tenemos que me sigue apareciendo el error.

 

¿Que mas tengo que conciderar aparte de agregar el USB a dispositivo de confianza?

[ElvinE5]

That's right, when adding a device to trusted devices, the bus settings and device permissions (e.g. removable devices) are irrelevant.
The bus setting only matters if you select "work via bus ..." in the device settings. like this ...

Спойлер

but if you choose that removable devices should be blocked (or conversely allowed) ... any value of the USB bus settings will be ignored.

As for your question ... there are a few assumptions. As far as I can see you have authorized this device to specific users, hence the two questions.

1. On the device where you plug in the trusted USB, are you logged in under one of the users you specified ?

2. When assigning a specific user, you kind of cut off access to the system itself, check who this device is blocked for, I assume as in your first post ...

В 10.11.2023 в 23:27, Iván Pedraza сказал:

Detalles de la operación:
Equipo: X
Usuario: NT AUTHORITY\SYSTEM
Tipo de operación bloqueada: Leer
Fecha y hora de inicio: 10/11/2023 10:58:08 a. m.

you can check by granting permissions to "Everyone" on this device, the message should disappear and access should be granted.

Add the SYSTEM user to the permissions for this device, along with the users you are allowing this device to, and the lockout message will stop bothering you.

[Iván Pedraza]

On 11/19/2023 at 9:40 PM, ElvinE5 said:

That's right, when adding a device to trusted devices, the bus settings and device permissions (e.g. removable devices) are irrelevant.
The bus setting only matters if you select "work via bus ..." in the device settings. like this ...

  Hide contents

but if you choose that removable devices should be blocked (or conversely allowed) ... any value of the USB bus settings will be ignored.

As for your question ... there are a few assumptions. As far as I can see you have authorized this device to specific users, hence the two questions.

1. On the device where you plug in the trusted USB, are you logged in under one of the users you specified ?

2. When assigning a specific user, you kind of cut off access to the system itself, check who this device is blocked for, I assume as in your first post ...

you can check by granting permissions to "Everyone" on this device, the message should disappear and access should be granted.

Add the SYSTEM user to the permissions for this device, along with the users you are allowing this device to, and the lockout message will stop bothering you.

 

Viendo todo el contenido que me pasaste y a tus 2 preguntas de al final, te comento que ya me permitio ingresar el USB.

El detalle es que se ven "2 usuarios", uno es el de NT AUTHORITY\SYSTEM y el otro es IPEDRAZA

Te adjunto que aquí se ve el NT AUTHORITY\SYSTEM

odessa/ipedraza.

 

Lo quería hacer mas especifico y por eso estaba agregando el usuario C-IPEDRAZA al kaspersky pero no me aceptaba el USB.

Para que me lo aceptará tuve que poner el NT AUTHORITY\SYSTEM, ¿esto esta bien?.

[ElvinE5]

Yeah, I asked support about that too ... and I was told "that before, it was automatically included in the permissions, but in new versions it has to be added separately" ...well, that's how it is :))))

 

Цитата

Lo quería hacer mas especifico y por eso estaba agregando el usuario C-IPEDRAZA al kaspersky pero no me aceptaba el USB.

all is correct, the system will give access to the user you specify, but will constantly bother you with messages that the system itself has restricted access.

This means that even if you receive a notification that the system access is restricted, the user can still work with the device.

Edited November 23, 2023 by ElvinE5