The LuJam Active Cyber Protection Unit allows you to monitor and control the various devices on your network. For the vast majority of devices, you can restrict each device's use of your network services. Each device has the following options:
- Enabled: the device is trusted and can access local services and the Internet.
- Disabled: the device cannot easily access external Internet sites, but can still connect to the local network.
- Banned: the device isn't allowed to join the local network.
Most devices on your network should be enabled. However, you may want to disable a device if it is showing unexpected activity. Banning a device is really only necessary in a couple of cases:
- You're not aware what the device is or who it belongs to (usually in response to a new-device alert from LuJam Cyber). If the device is legitimate, you can change the status back to Enabled
- A team member is leaving the company. Banning their personal devices should be part of your standard exit process.
So, how do I enable/disable/ban a device? There are three ways:
- On the Device page, you can set the device's status using the drop-down menu beside each device description.
- For new-device alerts, the alert will include a similar drop-down menu.
- On the events page, there will be a drop-down menu to quarantine (disable) the device in response to accessing black listed sites.
By default, when a new device is detected on the network, it's state is set to Enabled. In the future, we're going to allow control over this -- for example, you may want all new devices to be disabled or banned until you've had a chance to review/discuss the use case.