Endpoint Protection

Anyone have idea to create the policy of usb data card. There 5 type of data card acess in our network and i want to create the policy to access them. Other usb can be restrict in that policy.

Can you provide some more details?

How do you block/allow your USB device now? I do not have a USB data card, if the device is defined as a regular USB storage, you can block USBSTOR device, data card will be blocked. If you need to block some USB storage device, still requiret to allow certain devices of those type, I am afraid you might need to look into block each device ID, which will be a lot of time involved.

Can you create multiple groups to manage the devices? this way you can manage machines/users device control more granular.

I assume you are looking for this article

https://www-secure.symantec.com/connect/articles/how-configure-device-control-policy-internet-data-cards-block-usb-storage-and-allow-modem-f

Put USBSTOR/DISKDRIVE&* in Block then it will block all USB disk with data card and all types of USB Disk drives.

Hi msym, i have 5 type of data card. I have created the new group for datacard user to provide the access of data card only, all other usb want to block. Data card is of vodafone, tata, reliance, docomo, vf-3g.

hi 22 aug, thxs for share. I will read and reply. Hi vikram, i want exclude the datacard. Block other usb

hi 22 aug, thxs for share. I will read and reply. Hi vikram, i want exclude the datacard. Block other usb

The one I mentioned will block the all the USB disk drives it will not block the data card however it will block the USB disk that coms with data card.

However if you want to allow even the USB Disk with data card then.

Use th above policy to block

then allow

USBSTOR/DISKDRIVE&\Vendor_Name (for all 5types of data card)

Vendor_Name you can get using devviewer for the application.

K. Thxs i will try the same at tomorow.

Hi Vikram,

I have tried as per your mention  but in this policy all the USB include Pend drive(Storage Device) are working

Just to make sure you are applying the policies correctly :

Block :USBSTOR/DISKDRIVE&*

Allow :USBSTOR/DISKDRIVE&\Vendor_Name (for all 5types of data card)

Vendor_Name

 

Hi Vikram,

    I have update the USBSTOR/DISKDRIVE&* in the Block option and also update the 2 Data Card Device ID in the allow option for testing purpose...

But block option not working. All of the USB/Storage Device are working in this policy...

 

So if any change require then pls share..

can I try "USBSTOR/DISKDRIVE*" this one..

Ooops Sorry my Bad..

Its USBSTOR/DISK&* for block

to allow

USBSTOR\DISK&VEN_NAME*

Still not getting success. same issue..

Can you export and attach your policy

Hi,

   Pls find the attached zip

Hi,

Did you tried following the steps as mentioned in the article

https://www-secure.symantec.com/connect/articles/how-configure-device-control-policy-internet-data-cards-block-usb-storage-and-allow-modem-f

Once you know the device you can use the wildcard.

You need to run devviewer and post the device information so that we will not talk about different type of devices.

I know that one and I have applied the same but I want to block other USB.

Hi,

Ok, after applying the policy the system needs to be restarted once. Ensure the client have received the policy from SEPM and the policy number matches.

I have not restarted any system while applying any policy. All other policies are working fine

I got the problem again my mistake...., you are putting the wrong \

Put this 

USBSTOR\DISK*

 

========================

 

K i will try this one and confirm you

I have tested this policy usb has been blocked but I don't try datacard till...

For datacard use the Device ID with Vendor name and device type.

eg: USBSTOR\DISK&VEN_SANDISK&PROD_CRUZER_MICRO*

Thanks a lot for your help.. It's done..