Symantec Endpoint Protection 11.0: Application and Device Control & NTP White Paper
Device and Application Control is an advanced security feature included in Symantec Endpoint Protection 11.0. This feature has two focuses, firstly Device and Application Control, provides administrators with the ability to monitor and/or control the behaviour of applications. Administrators can grant/deny access to certain registry keys, files, and folders. In addition, administrators can also define which applications are permitted to run, which applications that cannot be terminated through irregular processes, and which applications can call Dynamic Link Libraries. Secondly, Device and application controls can block and control peripherals connected to a SEP client.
This gives administrators the flexibility to enable, disable and control access to removable storage and other peripherals. This document will focus on providing several examples on how to create Device and Application Control Policies to take full advantage of all the capabilities of this feature.
We do encourage to use SEP 12.1 because it has more enhancement & Default polices tuned for today’s threat landscape
Best Practices for Deploying Symantec Endpoint Protection's Application and Device Control Policies