Job Management Partner 1/Software Distribution Description and Planning Guide

[Contents][Glossary][Index][Back][Next]

2.5.6 Suppressing device operations

By suppressing device operations at a client, you can prevent the leakage of confidential information and the entry of undesirable information from external systems. This functionality is available when the client version is 09-50 or later.

Operation of the following can be suppressed:

You can suppress the use of various devices (writing data to or reading data from these devices), and you can exclude specific devices from suppression. You also have the option of suppressing only writing data to a device. The following table shows the operations that can be suppressed for various devices.

Table 2-18 Operations that can be suppressed for various devices

Device type Can use of the device be suppressed? Can specific devices be excluded from suppression? Can only recording to a device be suppressed?#1, #6
USB storage device Y Y Y#2
Internal CD/DVD drive Y N Y#3
Internal floppy disk drive Y N Y#4
IEEE1394-connected device Y N Y#4
Internal SD card#5 Y N Y#4
Bluetooth device Y Y N
Imaging device Y Y N

Legend:
Y: Supported
N: Not supported

#1
You cannot suppress recording only by device type. The devices for which you can suppress recording only are those devices whose use is not suppressed, or those that are excluded from suppression.

#2
Recording can be suppressed only if the client's OS is Windows XP Service Pack 2, Windows XP Service Pack 3, Windows Vista, Windows Server 2008, Windows 7, Windows Server 2012, or Windows 8.

#3
Recording can be suppressed only if the client's OS is Windows XP, Windows Server 2003, Windows Vista, Windows Server 2008, Windows 7, Windows Server 2012, or Windows 8.

#4
Recording can be suppressed only if the client's OS is Windows Vista, Windows Server 2008, Windows 7, Windows Server 2012, or Windows 8.

#5
With an SD card connected, from Windows Device Manager, open the Properties dialog box for each SD card. If SD or RIMMPTSK is displayed for Enumerator under the Details tab, that SC card is supported. Depending on how the SD card in the PC is connected to the PC main unit, something other than SD or RIMMPTSK might be displayed for Enumerator. If something other than SD or RIMMPTSK is displayed for Enumerator, that SD card is not supported.

#6
If the client's OS is Windows 8 (Basic Edition), this facility is not supported.

Select the devices whose operations you want to suppress, based on factors such as the frequency of their use by jobs and the risk of information leakage.

The following figure provides an overview of device operation suppression.

Figure 2-25 Overview of device operation suppression

[Figure]

Organization of this subsection
(1) Prerequisites for the client OS
(2) Notes on suppressing device operations

(1) Prerequisites for the client OS

You can suppress device operations when the client's OS is one of the following:

Operation suppression is not supported if the client's OS is Windows NT 4.0, Windows 98, or Windows Me.

(2) Notes on suppressing device operations

Notes on suppressing device operations at an offline machine

Do not suppress the operation of the device that will be used to apply an operation monitoring policy or to collect operating information. If you suppress such a device, you will not be able to apply an operation monitoring policy or collect operating information.

Notes on virtual environments

Notes on upgrading JP1/Software Distribution from versions between 08-51 and 09-00 inclusive to version 09-50 or later

An operation monitoring policy for suppressing external media operation is not applied to clients whose version is 09-50 or later. You need to specify an operation monitoring policy for suppressing device operation.

However, an operation monitoring policy for suppressing external media operations is applied when the following two conditions are satisfied: