Fortinet white logo
Fortinet docs logo DOCUMENT LIBRARY
Fortinet white logo
Fortinet docs logo DOCUMENT LIBRARY
Products Best Practices Hardware Guides Products A-Z
Summary
By Solution
By 4D Pillars
By Cloud
Secure Networking
Unified SASE
Security Operations
Secure SD-WAN
Secure Access Service Edge (SASE)
ZTNA
LAN Edge
Identity and Access Management
Next Generation Firewall
Public Cloud
Private Cloud
FortiCloud
Secure Networking
  • Hybrid Mesh Firewall
  • NOC Management
  • LAN
  • WAN
    • More >>
    Unified SASE
  • Single Vendor SASE
  • Cloud Network Security
  • Secure Endpoint Connectivity
  • Web Application / API Protection
    • More >>
    Security Operations
  • Security Operations Automation
  • Identity
  • Early Detection & Prevention
    • More >>
    Secure Networking
  • Hybrid Mesh Firewall
  • NOC Management
  • LAN
  • WAN
  • Communication & Surveillance
    • Unified SASE
  • Single Vendor SASE
  • Secure Endpoint Connectivity
  • Cloud Network Security
  • Cloud-Native Security
  • Web Application / API Protection
    • Security Operations
  • Security Operations Automation
  • Endpoint
  • Data Protection
  • Identity
  • Email
  • Early Detection & Prevention
  • Expert Services
  • Edge Firewall
  • Orchestration & management
  • SD Branch
  • Application Delivery
  • Single Vendor SASE
  • Secure Endpoint Connectivity
  • Secure Private Access
  • Thin Edge
  • Identity
  • Application Gateway
  • Enterprise Asset Management
  • Endpoint Agent
  • Agentless Security Posture
  • Identity
  • Wireless
  • Switching
  • Identity
  • Privilege Acccess Management
  • Next Generation Firewall
  • Orchestration & management
  • Expert Services
  • All
  • All
  • Account Management
  • SAAS Management
  • SAAS Application Security
  • Managed Services
  • Platform as a service (PAAS)
  • Other SAAS Services
    • 4D Resources
    Solution Hubs
  • 4D Pillars
  • Cloud
  • Popular Solutions

    • FortiDLP Console User Guide

    Home FortiDLP FortiDLP Console User Guide

    Block USB storage device

    Block USB storage device

    Requirements: Windows, macOS, or Linux.

    The block USB storage device action helps you protect against data exfiltration and infiltration attempts.

    This policy-initiated action enables the FortiDLP Agent to deny access to an unauthorized USB mass storage device based on properties, such as its VID/PID identifier and serial number. In turn, you can safeguard against USB devices being used to copy sensitive information out of the organization, as well as USB devices that are infected with malware or equipped with other dangerous capabilities.

    This functionality is supported for USB storage devices, such as:

    • Flash drives
    • Memory cards
    • External hard drives (HDDs) and solid-state drives (SSDs)
    • CD and DVD drives
    • Cameras.

    USB storage device blocking is provided by the Unauthorized USB storage device inserted policy template.

    For more information, refer to the FortiDLP Policies Reference Guide.

    Note

    The insertion of an SD card device reader into a device will trigger a USB devices event and/or a detection and action(s) (if the Unauthorized USB storage device used policy template is used) instead of the insertion of the SD card into the device reader.

    On Windows, a configuration option is available to alter this behavior, identifying the SD card's insertion as the trigger for events, detections, and/or actions. For details, contact Fortinet Support.

    To configure blocking controls for WPD devices, which connect using the Windows Portable Devices (WPD) system and include Android devices and Media Transfer Protocol (MTP) or Picture Transfer Protocol (PTP) devices, see Creating Agent configuration groups in the FortiDLP Administration Guide.
    Previous
    Next

    Block USB storage device

    Block USB storage device

    Requirements: Windows, macOS, or Linux.

    The block USB storage device action helps you protect against data exfiltration and infiltration attempts.

    This policy-initiated action enables the FortiDLP Agent to deny access to an unauthorized USB mass storage device based on properties, such as its VID/PID identifier and serial number. In turn, you can safeguard against USB devices being used to copy sensitive information out of the organization, as well as USB devices that are infected with malware or equipped with other dangerous capabilities.

    This functionality is supported for USB storage devices, such as:

    • Flash drives
    • Memory cards
    • External hard drives (HDDs) and solid-state drives (SSDs)
    • CD and DVD drives
    • Cameras.

    USB storage device blocking is provided by the Unauthorized USB storage device inserted policy template.

    For more information, refer to the FortiDLP Policies Reference Guide.

    Note

    The insertion of an SD card device reader into a device will trigger a USB devices event and/or a detection and action(s) (if the Unauthorized USB storage device used policy template is used) instead of the insertion of the SD card into the device reader.

    On Windows, a configuration option is available to alter this behavior, identifying the SD card's insertion as the trigger for events, detections, and/or actions. For details, contact Fortinet Support.

    To configure blocking controls for WPD devices, which connect using the Windows Portable Devices (WPD) system and include Android devices and Media Transfer Protocol (MTP) or Picture Transfer Protocol (PTP) devices, see Creating Agent configuration groups in the FortiDLP Administration Guide.
    Previous
    Next