How to block USB flash drives while allowing other USB devices. 

you try by block using the device id of your usb stick ..
You can also use guid (Device id) for blocking..

How to create a rule that will allow only specific USB’s on to your network
 http://service1.symantec.com/support/ent-security.nsf/docid/2009031809381448

How can i try to block usb with device id?

I need to block only usb stick with device id.

Identifying Devices in Device Manager with PCIDatabase 

The doc above shows how to do that
http://service1.symantec.com/support/ent-security....
 

Device Identification Strings 

Hi

Download CD2 and use Dev Viewer

Try these Documents this may Help you

How to use Application and Device Control to block all USB devices except those I specifically want to allow
http://service1.symantec.com/support/ent-security.nsf/docid/2008083110540548

How to block USB Thumb Drives and USB Hard Drives, but allow specific USB Drives in the Application and Device Control Policy in Symantec Endpoint Protection.
http://service1.symantec.com/support/ent-security.nsf/docid/2008102008020548

I can block the usb stick from my notebook but if I replace another port from my notebook it can use.If i use this stick from the different notebook it can use.That notebook is in the same group of my note book.How could this happen?

Run Dev Viewer in notebooks by connecting usb stick in various ports and see whether it is giving same id or different id
It should be same...

From the device view of my notebook it show device id is drifferent and GUI is same.Can i use GUI to block the USB stick?

Yes you can use guid.GUID also known as class id.. 

I cannot add the GUID as a class id because GUID is already have it in USB hardware class id.

I didn't get you 
 Both GUID and Class ID are same ,both are different names of same thing
ref:Page no 526 administration guide

To obtain a class ID or device ID by using the DevViewer tool
1 On CD 3 of your product, locate the \TOOLS\NOSUPPORT\DEVVIEWER
directory, and then download the DevViewer.exe tool to the client computer.
2 On the client computer, run DevViewer.exe.
3 Expand the Device Tree and locate the device for which you want the device
ID or the GUID.
4 In the right-hand pane, right-click the device ID (it starts with [device id]),
and then click Copy Device ID.
5 Click Exit.
6 On the management server, paste the device ID into the list of hardware
devices.

To obtain a device ID from Control Panel
1 On the Windows taskbar, click Start > Settings > Control Panel > System.
2 On the Hardware tab, click Device Manager.
3 In the Device Manager list, double-click the device.
4 In the device's Properties dialog box, on the Details tab, select the Device ID.
By default, the Device ID is the first value displayed.
5 Press Control+C to copy the ID string.
6 Click OK or Cancel.
Adding a hardware device to the Hardware Devices
list
After you obtain a class ID or device ID for a hardware device, you can add the
hardware device to the default Hardware Devices list. You can then access this
default list from the device control part of the Application and Device Control
Policy.
To add hardware devices to the Hardware Devices list
1 In the console, click Policies.
2 Under Policy Components, click Hardware Devices.
3 Under Tasks, click Add a Hardware Device.
4 Enter the name of the device you want to add.
Both Class IDs and Device IDs are enclosed in curly braces by convention.
5 Select either Class ID or Device ID, and paste the ID that you copied from
the Windows Device Manager or the DevViewer tool.
6 You can use wildcard characters to define a set of device IDs. For example,
you can use the following string: *IDE\CDROM*.
7 Click OK.
Adding a hardware device to the Hardware Devices list
Editing a hardware device in the Hardware Devices
list
You can edit any hardware devices that you have added to the list. The default
devices that are listed cannot be edited.
To edit a hardware device in the Hardware Devices list
1 In the console, click Policies.
2 Under Policy Components, click Hardware Devices.
3 In the Hardware Devices list, click the hardware device you want to edit.
4 Click Edit the Hardware Device.
5 Edit either the device name, the class ID, or the device ID.
6 Click OK.
The updated device information is displayed in the Identification list.

1. In the SEPM, Under View Policies, select Application and Device Control
2. Right click your Application and Device Control Policy and select Edit
3.Select the Device Control view.
4 Under the Blocked Devices section, click Add, select the device name which you given earlier for your usb stick and click OK. 
5 Click OK to the Application and Device Control policy window.

Now that device will be disabled..

Your problem got solved?

Sounds like you were blocking the device ID of the USB PORT and not the ID of the memory stick or thumb-drive.
There's a difference..............
You need to block the id of the device you plug in, not what you plug in to.
Look in the registry, local machine, system, current control, enum - and look under USBSTOR. All USB storage devices that have ever been connected will be there.
find the ID that goes with that thumb drive. They are listed by vendor and model such as VEN_KINGSTON for kingston brand devices, and PROD_DTSecure is the model of the Kingston thumbdrive.

Today I fix it.I try kavin document and It is work.Thank you for helping me into this forum.