This article outlines the process involved with implementing removable storage device control.

Configuration Steps:

Log into the Cloud account and go to:


Filter Management à Overview 

Click on Edit to modify the policy 

Endpoint à Custom

Expand Customization 

Enable USB Manager

Open the status page

Then click on Setup à Devices



Login using Maintenance password to view/edit devices module:

Authorize or restrict use of a removable storage device from the list



If a particular device is not listed on the page, you may click on Refresh Devices button or plug it into a different USB port. 


Three devices are connected here, none of them in the authorization list.

Every device starting with a ‘red’ column is disabled:

When you connect a device that is not authorized, Endpoint will disable it and show a warning in user desktop (unless popup messages are disabled):

Endpoint will allow authorized devices to run.

Every device starting with a ‘green’ column is enabled and connected:

You may rename a device as needed:

If Policy does not enable USB manager, you will still have a chance to manage local devices.

This is intentional to allow re enable devices after turning off USB manager.



when Policy USB Manager is not enabled, you will not have a chance to disable devices. 

log data

A log file will be generated under log folder: usb.log.


2015/07/30 21:35:20 request device: USBSTOR\DISK&VEN_SAMSUNG&PROD_M3_PORTABLE&REV_3_\00000000011E0BA9&0

2015/07/30 21:35:21 USB device has been enabled

2015/07/30 21:35:48 request device: USBSTOR\DISK&VEN_SAMSUNG&PROD_M3_PORTABLE&REV_3_\00000000011E0BA9&0

2015/07/30 21:35:48 USB device has been disabled

2015/07/30 21:36:12 request device: USBSTOR\DISK&VEN_SAMSUNG&PROD_M3_PORTABLE&REV_3_\00000000011E0BA9&0

2015/07/30 21:36:12 USB device has been enabled

2015/07/31 08:01:55 request device: USBSTOR\DISK&VEN_SAMSUNG&PROD_HD502HJ&REV_\20B9BB07450F&0

2015/07/31 08:01:57 USB device has been disabled

System log will also store several USB data information.


+ [2015/07/31 08:00:46] Current Policy: Montevideo R&D office [jorge] -Policy change detected-

- [2015/07/31 08:01:55] USB device connected: USBSTOR#Disk&Ven_SAMSUNG&Prod_HD502HJ&Rev_#20B9BB07450F&0#{53f56307-b6bf-11d0-94f2-00a0c91efb8b}

- [2015/07/31 08:01:55] USB device id: USBSTOR\DISK&VEN_SAMSUNG&PROD_HD502HJ&REV_\20B9BB07450F&0

- [2015/07/31 08:01:55] USB device name: SAMSUNG HD502HJ USB Device

- [2015/07/31 08:01:55] USB device not authorized; locking device

+ [2015/07/31 08:01:55] Running command: endpoint usb

- [2015/07/31 08:01:57] USB device disconnected: USBSTOR#Disk&Ven_SAMSUNG&Prod_HD502HJ&Rev_#20B9BB07450F&0#{53f56307-b6bf-11d0-94f2-00a0c91efb8b}

- [2015/07/31 08:04:57] USB device connected: USBSTOR#Disk&Ven_USB2.0&Prod_CARD-READER&Rev_1.01#8120420080429000&0#{53f56307-b6bf-11d0-94f2-00a0c91efb8b}

- [2015/07/31 08:04:57] USB device id: USBSTOR\DISK&VEN_USB2.0&PROD_CARD-READER&REV_1.01\8120420080429000&0

- [2015/07/31 08:04:57] USB device name: USB2.0 CARD-READER USB Device

- [2015/07/31 08:04:57] USB device found in custom Authorized Devices; no action taken

A new module is going to be automatically installed by Endpoint under tool folder: endpoint_usb[32/64].exe.

That module is responsible for USB device locking/unlocking and will be started by Endpoint on demand.



The USB manager is only available for the Windows OS.