Video Screencast Help
Search Video Help Close Back
to help

Block with limited access

Created: 23 Feb 2013 | 4 comments
Mahendra Panchotiya's picture
Mahendra Panchotiya
0 0 Votes
Login to vote

Block the usb access except .doc and .docx file, is it possible?

Discussion Filed Under:
,

Comments 4 CommentsJump to latest comment

rs_cert's picture
rs_cert
Block with limited access - Comment:23 Feb 2013 : Link

I have not implemented the policy in my network but may be below step work. Try it first in test enviornment then after that implement

 

1. Log in to the Symantec Endpoint Protection Manager (SEPM).
2. Click on Policies.
3. Click on Application and Device Control.
4. Under Tasks, click on Add an Application and Device Control Policy.
5. On the top left click on Application Control.
6. Click on the Add... button.
7. Type a name for the Rule
8. Click on the Add... button on the bottom right "Apply this rule to the Following processes".
9. Type * and Ok.
10. Click Ok.
11. Click on the Add... button on the bottom left under Rules.
12. Select Add Condition.
13. Select File and Folder Access Attempts.
14. Click on the Add... button on the right next to "Apply this rule to the Following files and folders".
15. On File or Folder Name to Match, type "*.*".
16. Check on Only match following files and check only Removable Drive
17. Click Ok.
18. Click on the Add... button on the right next to "Donot Apply this rule to the Following files and folders".
19. On File or Folder Name to Match, type "*.doc and *.docx".
20. Check on Only match following files and check only Removable Drive
21. Click Ok.
22 . On Actions Tab in Read Attempt and Create, Delete, or Write Attempt select "Block Access"
Optional: Can you Check Notify User for example "Is not permited download executable files, contact the administrator"
 
+1
Login to vote
Ashish-Sharma's picture
Ashish-Sharma Partner
Block with limited access - Comment:23 Feb 2013 : Link

Hi,

Check this thread

https://www-secure.symantec.com/connect/forums/making-usb-read-only-able-copy-files#comment-7871741

 

Thanks In Advance

Ashish Sharma

SEPM Knowledgebase Documents  

 

+1
Login to vote
Sumit G's picture
Sumit G Partner
Block with limited access - Comment:23 Feb 2013 : Link

Agree with above comment. It can help to manage the USB device with RO acess and as well as able to copy document file in USB.

Regards

Sumit G.

-1
Login to vote
kaman's picture
kaman Partner Accredited Certified
Block with limited access - Comment:24 Feb 2013 : Link

 

To use Application Control:

1. Select the Application Control view.
2. Select (Check Mark) "Make all removable devices read-only" (For example) and select Edit.
3. Select "Block writing to all files and folders", under "Do not apply to the following files and folders", select Add...
4. Under "File or Folder Name To Match" enter a * (An Asterisk).
5. Select (Check mark) "Only match on the following device id type", press Select.
6. Select (Highlight) the device added to the hardware list (The unique USB device added previously.) and press OK.
7. Press OK to close windows until at the "Application and Device Control Policies" window of the SEPM

0
Login to vote