Why is the Exclude CD feature in MetaDefender Endpoint not working on one or more of my managed devices?

My OPSWAT administrators, who have enabled and configured Threat Detection on a given Device Policy, may find that the Exclude CD option, configurable under the OPSWAT Central Management Console>Device Policies>Threat Detection>Removable Media, does not seem to be working on one or more of the managed endpoints assigned to that policy, even though the option is enabled. This is more than likely the result of certain devices still running MetaDefender Endpoint V7.6.575.0 (Windows) or prior, or MetaDefender Endpoint V10.4.385.0 (macOS) or prior, which versions do not support the Exclude CD functionality. To remedy this issue, please follow the instructions below.

Add an agent (Client) version compliance rule to flag outdated devices

1. Log into the My OPSWAT Console and navigate to Device Policies>Chosen Policy>Compliance, then click the Add New Rule button, as illustrated below.

2. In the vacant slot, click the Plus symbol, as illustrated below, then select Add an agent version condition from the pop-up menu

3. In the space provided, type the minimum MetaDefender Endpoint version required for this feature, namely 7.6.575.0.
4. Repeat the process by clicking the Plus symbol and adding the same rule for macOS, if applicable, but substituting with 10.4.385.0, which is the macOS equivalent for support of this feature.

There is no need to click the Add New Rule button in the upper right again, as all variations will fall within the same rule.

Operating systems can be selected by clicking the underlined Windows text that appears in the default rule, then selecting the operating system from the pop-up list, as illustrated below.

5. With your new rule configured, click the Add Rule button, then click the Save button in the lower right-hand corner of the screen.

6. Enter your administrator PIN in the pop-up box, as prompted, then click Save again to implement your settings.

Manually checking device versions to see whether some devices are running an outdated MetaDefender Endpoint version

1. Log into the My OPSWAT Console and navigate to the Inventory>Devices tab.
2. Manually scan the list, or enter the device IDs, usernames, group names, IP addresses, or MAC addresses of devices under the relevant policy into the search field and run the Search.
3. Client version details will be listed in the Agent Version column, as illustrated below. Look for devices running MetaDefender Endpoint version 7.6.575.0 or prior, and if any are present, follow the instructions in the next section of this article to remediate.

Configuring Global device agent (Client) settings to automatically update MetaDefender Endpoint to the latest version

1. Log into the My OPSWAT Console and navigate to the Settings>Global Settings>Device Agents tab, then locate the Agent section.
2. Check the box alongside the Allow agents to automatically update to the latest version option.
3. Click the Save button in the upper right-hand corner of the screen to enable your settings.