How to block CD/DVD Writing in Windows 7

Article:TECH104800  |  Created: 2008-01-25  |  Updated: 2013-05-07  |  Article URL
Article Type
Technical Solution


Blocking imapi.exe no longer blocks CD/DVD writing in Windows 7 like it once did in Windows XP.


CD or DVD writing continues without restriction.


SEP cannot block CD/DVD writing directly. This is a known limitation of ADC, documented in the Administration Guide for Symantec Endpoint Protection and Symantec Network Access Control.


To work around this problem, Create an Application and Device Control policy that blocks the specific DLLs that write to CD or DVD drives.

  1. Log into the Symantec Endpoint Protection Manager (SEPM).
  2. Click on the Policies.
  3. Select edit the Application and Device control policy.
  4. Click on Application Control in left hand pane. In the right hand pane, right click and select ADD.
  5. Type in a context relevant name for the new rule in the Rule set name field.
  6. Click on the ADD button at the bottom and select Add Condition.
  7. Click on File and Folder Access Attempts.
  8. In the right-pane click Add.
  9. Add the following process paths:


  10. Click on OK.
  11. Click on the Actions tab and select Block Access in either of the "Read Attempt" and "Create, Delete, or Write Attempt" sections.
  12. Save the policy and assign it to any desired groups.


Application and Device Control policy to block CD-DVD burning on Windows 7
Block CD-DVD burning on Windows 7.dat (13 kBytes)

Legacy ID


Article URL

Terms of use for this information are found in Legal Notices