You want to block USB Storage Devices using an Application policy,

Article:TECH92447  |  Created: 2009-01-18  |  Updated: 2009-01-25  |  Article URL http://www.symantec.com/docs/TECH92447
Article Type
Technical Solution


Environment

Issue



You want to know how to block USB storage devices using only an application policy and not a device control policy.


Solution



1. Create a new device id for the usb storage devices.
      a. Go to Policies --> Policy Components.
      b. Add a new device id. Select device id radio button, and put in USBSTOR\*
2. Add a new rule for your application and device control policy.
      a. In the application and device control policy, select the application policy. Click add.
      b. Add an * for apply to this process.
      c. Add a new "File and Folder Access Attempts" condition.
      d. Add an * for apply to the following files or folders. Also choose to "Only match files on the following device id type"
      e. Click select at the bottom right. Choose your new device id. Click OK.
3. Click the Actions tab for the "File and Folder Access Attempts" condition.
4. Choose to block access to read attempts and create, delete, or write attempts.
5. Enable logging if needed and notifications.
 
Apply this policy to the group that you want to block all usb storage devices.





Legacy ID



2009021813553348


Article URL http://www.symantec.com/docs/TECH92447


Terms of use for this information are found in Legal Notices