Absolutely. I love the app and device control!
I can tell when folks are attempting to use USB drives, can log files accessed or copied to such drives, can block certain types, allow others.
If you block say one vendor of drive, but want to allow a certain model from that vendor, the allow takes precedence - in other words, if you block ALL USB drives, but allow brand xxx, then brand xxx can work, all others won't.
Allow comes first, sort of a safety thing.
You can block ALL USB devices, but allow mice, keyboards, etc., too.
Here is an email I got when someone attempted a certain blocked USB device:
Message from:
Server name: VRDSMSEP1
Server IP: 165.123.456.010
Found more than 1 security events. Actual number of security events found was 7 in 1 minutes.
Security events included:
Compliance,
Device Manager.
See attached report for more details.
------------------------------------------------- below is the report that was attached--------------------------
Event Time Event Type
Severity
Number Domain
Server
Group Computer
IP Address
Operating System Client User Name
Location Application Name Event Description
04/21/2009 16:25:24 Device control disabled device
Major
1 IVRS-SEP1
VRDSMSEP2
My Company\Client Computers\Desktop VR003HP36C91D52
10.252.3.9
Windows XP Professional Elizabeth.Vaxxxxx
Default Device Manager Message The device was disabled successfully. [name]:Generic volume [class]:Storage volumes [guid]:71a27cdd-812a-11d0-bec7-08002be2092f [deviceID]:STORAGE\REMOVABLEMEDIA\7&4D0BF91&0&RM
04/21/2009 16:25:24 Device control disabled device
Major
1 IVRS-SEP1
VRDSMSEP2
My Company\Client Computers\Desktop VR003HP36C91D52
10.252.3.9
Windows XP Professional Elizabeth.Vaxxxxx
Default Device Manager Message The device was disabled successfully. [name]:USB2.0 Flash Disk USB Device [class]:Disk drives [guid]:(null) [deviceID]:USBSTOR\DISK&VEN_USB2.0&PROD_FLASH_DISK&REV_5.00\0221100015429012&0
04/21/2009 16:25:24 Device control disabled device
Major
1 IVRS-SEP1
VRDSMSEP2
My Company\Client Computers\Desktop VR003HP36C91D52
10.252.3.9
Windows XP Professional Elizabeth.Vaxxxxx
Default Device Manager Message The device was disabled successfully. [name]:USB2.0 Flash Disk USB Device [class]:Disk drives [guid]:(null) [deviceID]:USBSTOR\DISK&VEN_USB2.0&PROD_FLASH_DISK&REV_5.00\0221100015429012&0
04/21/2009 16:25:19 Device control disabled device
Major
1 IVRS-SEP1
VRDSMSEP2
My Company\Client Computers\Desktop VR003HP36C91D52
10.252.3.9
Windows XP Professional Elizabeth.Vaxxxxx
Default Device Manager Message The device was disabled successfully. [name]:USB2.0 Flash Disk USB Device [class]:Disk drives [guid]:(null) [deviceID]:USBSTOR\DISK&VEN_USB2.0&PROD_FLASH_DISK&REV_5.00\0221100015429012&0
04/21/2009 16:25:19 Device control disabled device
Major
1 IVRS-SEP1
VRDSMSEP2
My Company\Client Computers\Desktop VR003HP36C91D52
10.252.3.9
Windows XP Professional Elizabeth.Vaxxxxx
Default Device Manager Message The device was disabled successfully. [name]:USB2.0 Flash Disk USB Device [class]:Disk drives [guid]:(null) [deviceID]:USBSTOR\DISK&VEN_USB2.0&PROD_FLASH_DISK&REV_5.00\0221100015429012&0
04/21/2009 16:25:19 Device control disabled device
Major
1 IVRS-SEP1
VRDSMSEP2
My Company\Client Computers\Desktop VR003HP36C91D52
10.252.3.9
Windows XP Professional Elizabeth.Vaxxxxx
Default Device Manager Message The device was disabled successfully. [name]:USB2.0 Flash Disk USB Device [class]:Disk drives [guid]:(null) [deviceID]:USBSTOR\DISK&VEN_USB2.0&PROD_FLASH_DISK&REV_5.00\0221100015429012&0
04/21/2009 16:25:13 Device control disabled device
Major
1 IVRS-SEP1
VRDSMSEP2
My Company\Client Computers\Desktop VR003HP36C91D52
10.252.3.9
Windows XP Professional Elizabeth.Vaxxxxx
Default Device Manager Message The device was disabled successfully. [name]:Unknown Device [class]:Other devices [guid]:4d36e97e-e325-11ce-bfc1-08002be10318 [deviceID]:STORAGE\REMOVABLEMEDIA\7&4D0BF91&0&RM