You want to block USB Storage Devices using an Application policy,
|Article:TECH92447|||||Created: 2009-01-18|||||Updated: 2009-01-25|||||Article URL http://www.symantec.com/docs/TECH92447|
You want to know how to block USB storage devices using only an application policy and not a device control policy.
1. Create a new device id for the usb storage devices.
a. Go to Policies --> Policy Components.
b. Add a new device id. Select device id radio button, and put in USBSTOR\*
2. Add a new rule for your application and device control policy.
a. In the application and device control policy, select the application policy. Click add.
b. Add an * for apply to this process.
c. Add a new "File and Folder Access Attempts" condition.
d. Add an * for apply to the following files or folders. Also choose to "Only match files on the following device id type"
e. Click select at the bottom right. Choose your new device id. Click OK.
3. Click the Actions tab for the "File and Folder Access Attempts" condition.
4. Choose to block access to read attempts and create, delete, or write attempts.
5. Enable logging if needed and notifications.
Apply this policy to the group that you want to block all usb storage devices.
Article URL http://www.symantec.com/docs/TECH92447