How to use the Peripheral Media Protection feature?

What's this feature about?

Peripheral Media Protection is one of the key features of MetaDefender Endpoint, designed to safeguard endpoints from USB-borne threats. It scans peripheral and removable devices for potential malware before they are made accessible, blocking any malicious files from accessing endpoint devices and critical environments. This feature provides proactive and comprehensive protection, offering peace of mind by stopping USB-based attacks at the point of entry.

User guide for administrators

This feature has two different modes that are controlled and set via admin console management.

Full block mode (Always block removable media OR Allow users to do selected actions)
On-access file scanning

To set the mode for the feature, administrators can follow the steps below:

Step 1: Log in to the console management system

Step 2: Choose Policy Management > Policies. Then click on the policy group you would like to make changes to

Step 3: Choose Advanced Endpoint Protection > Enable Threat Detection for Windows

Step 4: Scroll down where you find the Removable Media Protection tab. Keep scrolling to the section where it says, “_When removable media is connected_”, and select the mode you want to implement to the corresponding policy.

User guide for end users

Mode: On-access file scanning

Access files from the USB

To access files from the peripheral devices, users can choose to scan selected files that they wish to work on OR scan the entire USB. Once the files are found to be clean, users can access the files as usual. To perform the scanning, simply follow the steps below:

Step 1: Plug in the peripheral device into the endpoint’s port, and open MetaDefender Endpoint, navigate to the Peripheral Media Protection feature. Choose the peripheral device you would like to access

Step 2: To access files from the peripheral devices, users can choose to scan selected files that they wish to work on OR scan the entire USB.

Choose “_Open folder_” to scan selected files OR “_Unblock_” to scan the entire device (Step-by-step guide below).

Case 1: Access selected files

Through the user interface of MetaDefender Endpoint, click “_Open folder_”, the device’s folder will be opened in Windows Explorer. Users can also work in the native applications by opening Windows Explorer or Word, Excel, etc. directly

Choose the file(s) you would like to access.

Every file will be scanned before its execution or before it’s being accessed.

Wait for the scanning process to complete

If the file(s) is clean (no threats detected), users can access the files as usual

If the file(s) is deemed as a threat, it will be blocked. The status is also reflected in the user interface of the MetaDefender Endpoint for users’ awareness

Case 2: Scan the entire device

Through the user interface of MetaDefender Endpoint, click “_Unblock_”. This will initiate the scanning process.

Wait for the scanning process to complete.

When the scan is complete, if there’s no threat found, users can either look at the scan report by clicking “Report_”, or continue using the device as it is. _

If there’s a threat found, the device will be remained blocked, and users can view the scanning report for more details.__

Copy files from the USB

Step 2: The Windows Explorer will show up, select the file(s) you would like to copy to the local drives, then right click, choose “_Copy_”.

Step 3: Choose the destination folder in local drives you would like to copy the file(s) to. Right click >> Paste.

Step 4: Scanning process will be triggered, wait for it to complete.

Step 5: Once the scanning is complete, clean (allowed) file(s) will be copied to the local drives and accessible to the use.__

Mode: Full block

Unblock a device

Step 1: Plug in the peripheral device into the endpoint’s port, and open MetaDefender Endpoint on Peripheral Media Protection feature.

Step 2: Click “_Unblock_” to start the scanning process.

Step 3: Wait for the scanning process to complete.

Step 4:

Case 1: Unblock successful

Once the scanning is complete, if there’s no threat found, the device will be deemed clean and is now accessible to the users.

A pop-up notification will show up at the bottom corner of the screen, indicating that the peripheral media device is now accessible.

Case 2: Unblock failed

After scanning, if the media contains malicious content, it’s blocked, and users will NOT be able to access the media device or its contents.

Simultaneously, a pop-up notification will also show up at the bottom corner of the screen, indicating the status of the scanning.

Furthermore, a scanning report with details blocked files, potential vulnerable files, etc. will also show up for users to have more information on the device.

Step 5: If the device is safe and accessible, to access the folder or the files in the peripheral device, users can click “Open folder to access files_” directly from the interface of MetaDefender Endpoint or from native applications (Windows Explorer, Word, Excel, etc.). _

S tep 6: Users can access the scanning report by clicking “_Report_” button

Copy files from the USB

Step 2: Click on the + icon to see the folders and files of the peripheral media device.

Step 3: From there, choose the file or folder to copy from the media to the local drive. Then click “Next_” _

Step 4: Click “Copy_”. _

Step 5: By clicking “Copy_”, MetaDefender Endpoint triggers the scanning process, making sure the file or folder are safe before copying. _

Step 6: Once the scanning is complete, if the file/folder are safe, they will be copied, and users can access them by clicking on “_Open folder to access files_” directly from the interface of MetaDefender Endpoint or from native applications (Windows Explorer, Word, Excel, etc.).

A pop-up notification will also show up at the bottom of the screen, indicating that the files/folders were copied successfully.

Step 7: Users can access files through native applications if they’re found clean. __

Step 8: Users can export and access the scanning report by clicking “_Report_”, then choose the file format as PDF or CSV that you prefer.

Step 9: Users can also customize the information they would like to receive in the report. Once done, click “_Export_”.

Step 10: Choose the destination to save the report.

Step 11: The report will show up automatically once being saved successfully. __

Copy files to the USB

Step 1: Plug in the peripheral device into the endpoint’s port, and open MetaDefender Endpoint, navigate to the neripheral Media Protection feature. Choose the peripheral device you would like to copy files from and click “_Copy to_”

Step 2: Choose the file or folder to copy from the local drive to media. Users can do this by choosing the local drive directly from the user interface of MetaDefender Endpoint OR clicking “_Open File Explorer_” to work locally in native applications (Window Explorer).

Step 3: Choose the file or folder and click “_Copy_”

Step 4: Click ”_Copy_” to proceed.

Step 5: Wait for the scanning progress to complete.

Step 6: Once the scanning is complete, users will be notified that files/folders were copied to the USB.

Step 7: Users can export and access the scanning report by clicking “_Report_”, then choose the file format as PDF or CSV that you prefer.

Step 8: Users can also customize the information they would like to receive in the report. Once done, click “_Export_”.

Step 9: Choose the destination to save the report and it will be opened automatically. __

Last updated on

Was this page helpful?