Video Screencast Help

Application and Device Control not working

Created: 22 Feb 2013 | 8 comments

Recently I have run into this and I'm stumped. The Application and Device Control policy isn't working correctly.

I have nothing set at Applications and for Devices I'm blocking CD/DVD and USBSTOR* and I've got Human Interface Devices excluded. Yet USB sticks still connect sometimes on some of the Windows XP boxes. When I plug in a USB stick I get the Autoplay pop-up and then sometimes I even see the SEP pop-up saying that the device has been disabled, even though it hasn't been. Usually the USB is blocked the second time it's getting plugged in, but not always.

I haven't seen this on Windows 7 so far.

 

Anyone has experienced anything similar to this?

 

Thank in advance!

Operating Systems:

Comments 8 CommentsJump to latest comment

.Brian's picture

What version of SEP is this for?

Please click the "Mark as solution" link at bottom left on the post that best answers your question. This will benefit admins looking for a solution to the same problem.

Stefan Avramescu's picture

I'm using SEP 12.1

 

I know the whitepapers and the detailed guides and I have already read them and implemented what is recommended there. But it's not working on some of the machines. And that's what I do not get. Why on some machines the policy is working fine, and on other machines it's not.

Mithun Sanghavi's picture

Hello,

How many machines is this issue occurying on?

Is the ADC and Firewall Feature install on these machines?

Is the Policy being reflected in these client machines?

Were these machines restarted atleast once after the policies were applied??

Could you try uninstalling 1 SEP client and reinstalling SEP with full feature set and check if that issue gets resolved.

Mithun Sanghavi
Senior Consultant
MIM | MCSA | MCTS | STS | SSE | SSE+ | ITIL v3

Don't forget to mark your thread as 'SOLVED' with the answer that best helped you.

.Brian's picture

What version specifically? I'm looking thru fix notes for the versions of 12.1 to see if this may have been a bug. But, if already on 12.1.2 than this may be something new.

Please click the "Mark as solution" link at bottom left on the post that best answers your question. This will benefit admins looking for a solution to the same problem.

Stefan Avramescu's picture

The clients that are having this issue are 12.1.1000.157 and 12.1.1101.401.

It's not possible for me to upgrade them to 12.1.2015.2015 yet (but it's planned for the future).

Stefan Avramescu's picture

From what I can tell I have already almost 20 machines that are experiencing this issue right now.

The ADC and Firewall features are installed and the machines are up to date and communicating properly to the Manager. Some of the machines have been restarted but the issue still persists. The same policy is working fine on nearby machines, but not on the ones with issues. So far I haven't been able to identify a root cause for this, which is what I'm really interested in.

If I can't count on the policy to be enforced after it's being applied then there is no way for me to know for sure that it's working, or if it stops working again sometime in the future. I already have defects regarding this in an internal audit and in an external one this could turn out very bad. That's why uninstallation is not a solution. This stuff has to work.