How to make USB drives read-only with Symantec Endpoint Protection using Application and Device Control
|Article:TECH95813|||||Created: 2009-01-26|||||Updated: 2009-01-09|||||Article URL http://www.symantec.com/docs/TECH95813|
How can I ensure that Symantec Endpoint Protection clients have read-only access to USB drives?
To limit SEP clients to read-only USB drive access, create/edit and assign an appropriate Application and Device Control policy using the following steps:
- Install Symantec Endpoint Protection, including the Network Threat Protection feature, on the clients where USB drives will be used
- Ensure that the clients is communicating with the Symantec Endpoint Protection Manager (SEPM)
- Log on to the SEPM console and click on the Policies tab in the left hand window pane
- Select Application and Device Control
- Create a new policy or edit an existing Application and Device Control policy
- Click on Application Control and select the following options:
- Make all removable drives read-only
- Block writing to USB drives
- Assign the policy to the client(s) in question
- Reboot the client(s) to implement the policy.
Article URL http://www.symantec.com/docs/TECH95813