1. What actually happened or you saw:
I’m currently running CIS Premium v12.2.2.7036 on Windows 10. I’ve noticed that this version comes with an integrated peripheral firewall called “Device Control”. This functionality allows a user to block all devices of a given type from being recognized and attached to the system by the OS. This means that you can, for example, block all unknown USB flash keys and prevent any malware from potentially executing from the USB device. There have also been hacked devices that look like USB Flash drives, but actually present themselves as HID devices like a keyboard. Once registered by the OS, these devices can send pre-programmed keystrokes to the system and potentially execute malicious commands. The Device Control is here to stop this abuse by blocking given devices from being attached to the system upon insertion. In advanced CIS settings there is also a whitelist where specific exceptions can be made. For example, an external USB keyboard and a mouse can be manually whitelisted so that it does not get blocked. An option also exists to show an informative alert when a newly attached device has been inserted and blocked.
2. What you wanted to happen or see:
Unfortunately, the informative alert that I mentioned in previous point is just that - an informative alert. There are no controls in this popup where a user can choose to either allow or reject the given device. Yes, I know that devices can be added to the whitelist manually by going into advanced settings, but I was hoping to see these controls be added to the alert popup as well. A simple “Block” and “Allow” buttons should suffice. If the user chooses to block then the device stays blocked. If the user chooses to allow then the device gets automatically added to the whitelist. Perhaps also make an option to temporarily allow a device i.e. only temporarily add it to the whitelist (for this user session) so that it gets removed by next user login. Add a “Remember” tickbox like the rest of the alerts have it.
3. Why you think it is desirable:
It’s desirable because it is way more convenient and faster than having to manually go into settings and poke through a big device list.
4. Any other information:
CIS Pro is awesome!
EDIT: Added poll.
Also, this is the existing alert that I was talking about:
It needs Allow/Reject buttons, and an option to choose whether to allow temporarily or permanently.