Application and device Control (ADC) with Windows 7
Created: 13 Oct 2012 | Updated: 16 Oct 2012 | 12 comments
This issue has been solved. See solution.
Dear All
I using SEP 11.x and have been config ADC funtion. I see that device control function not effected for windows 7 but windows XP is OK. Example : I banned the use of usb device=>result :
- For windows XP : OK, not dectech when user plug USB device port
- For windwos 7 or vista : not OK. still used USB device
can you help me this issue
Thanks/Duy
Discussion Filed Under:
Comments 12 Comments • Jump to latest comment
As I suspect you may have Windows 7 x64 machines, keep in mind Application and Device Control module is not compatible with 64bit environement if you are using SEP 11.0.
SEP 12.1 Application and Device Control module is however compatible with 64bit systems.
Please refer to the article below:
http://www.symantec.com/docs/TECH102267
https://www-secure.symantec.com/connect/forums/how-block-usb-using-sepm-windows-7
https://www-secure.symantec.com/connect/forums/sep-64bit-os-supported
https://www-secure.symantec.com/connect/forums/64-bit-systems-usb-block
Thanks In Advance
Ashish Sharma
SEPM Knowledgebase Documents
whats the SEP version used?
what is the OS bit?32/64?
Cheers!
Pete
Help Link: http://www.symantec.com/business/support/overview.jsp?pid=54619
Hi Pete
SEP version used : 11.0.7200.1147
OS : windows 7 professinal 32 bit service pack 1
Thanks/Duy
Hi,
Check SEP policy are applied or not ?
Try to create new package and install one system and check policy are apply or not
Check this
After setting up an Application and Device Control policy to block CD writing, CD writing is not blocked as expected, and write attempt is not logged
http://www.symantec.com/business/support/index?page=content&id=TECH104800
Please note that Windows 7 and Vista do not have the process IMAPI.exe, the feature they use is IMAPIv2.0.This feature uses dll files in both windows vista and windows7.The IMAPI service that existed in Windows XP was not used for Vista and windows7. Hence there is no service interfering with 3rd party software that we can disable.However,we can locate and block "launch process attempts" for the associated dll(s)
NOTE : For Windows 7 OS you can use following file fingerprint value as Windows 7 dose not use imapi.exe, it uses imapiv2.0. This feature uses .dll files.
*Values listed below are for Windows 7 SP1. Values can change after applying new service packs.
Widnows 7 32bit OS:
Thanks In Advance
Ashish Sharma
SEPM Knowledgebase Documents
For Win7, you need to upgrade to SEP 12.1 so it is compatible.
Symantec Endpoint Protection 11.0 compatibility with 64-bit platform
http://www.symantec.com/business/support/index?page=content&id=TECH102143&locale=en_US
SEP Knowledge Base
Endpoint SWAT
Create a test group and try the policy as per attached document
https://www-secure.symantec.com/connect/downloads/...
Move the window 7 clients in the same group and check the result.
If it come help then implement in production
Regards
Sumit G.
Hello,
Could you make sure the Network Threat Protection and Application & Device Control are installed on the Windows 7 32 bit machines.
Secondly, also make sure these ADC policies are applied to the same group where these Windows 7 clients reside.
What happens if you disable the UAC on the Windows 7 machines?
Again,
Here are the Steps to block the USB Drives -
1. First you have start and logon to “Symantec Endpoint Protection Manager”
2. In the main windows | tool bar select: “Policies” | Hardware Devices | right click and ADD
3. In Device Name write “USB Storage” and Device ID “USBSTOR*.*” | OK
4. Then click inside “Application and Device Control” in the main menu and then right click inside “Application and Device Control” and Edit.
5. Device Control | Blocked Devices and click Add
6. Select “USB Storage” and click OK
7. Active Notification: Mark: “Notify users when deviced is blocked”, click “Specify Message Text” ) | add messange | OK (c) and click OK.
8. To assign to the policy just click in “ASSIGN”
9. Select the group to be applied and click “Assign”
10. Done the policy will updated to all workstation member of this group.
Check these Articles:
How to Block or Allow Devices in Symantec Endpoint Protection
http://www.symantec.com/docs/TECH175220
How to block USB Thumb Drives and USB Hard Drives, but allow specific USB Drives in the Application and Device Control Policy in Symantec Endpoint Protection.
http://www.symantec.com/docs/TECH106304
How to block USB Keys with SEP
http://www.symantec.com/docs/TECH106361
Hope that helps!!
Mithun Sanghavi
Symantec Technical Support Engineer, SEP
MIM | MCSA | MCTS | STS | ITIL v3
Twitter: @mithun_sanghavi
Don't forget to mark your thread as 'SOLVED' with the answer that best helps you.<&a
Hi
Have you try the attaach link?
Regards
Sumit G.
Thanks all very much..! This problem sloved
HI,
Can you provide what's the solution.
Your answer help some one
Thanks In Advance
Ashish Sharma
SEPM Knowledgebase Documents
Hi all
Before I configed as bellow
That configed only effected for windows XP . windows 7 is not effected . I don't know why. can you explain ?
After I re-config as bellow :
After config I see effected both Windows 7 32 bit and Windows XP
That's my experience ..! sharing to you
Thanks/ phamduyus
"Thumbs up" for adding that information! &: )
This may also be of help to admins with the same situation / sort of question:
With thanks and best regards,
Mick
Would you like to reply?
Login or Register to post your comment.