Message Image  

Endpoint Protection

 View Only

  • 1.  Device control blocking and notifications, how??

    Posted Oct 05, 2010 11:16 AM

    What is the correct way to configure device blocking to block only USB storage from being added (e.g. write to USB storage) but allow USB to be read-only, allow USB mice, keyboards, hubs, etc.??

    I initially blocked USB and set several things like USB HID etc. not to be blocked but a USB hub and keyboard/mouse were also blocked -- too much blocking.

    I originally did what this document said: http://service1.symantec.com/SUPPORT/ent-security.nsf/2326c6a13572aeb788257363002b62aa/ce3a83c1ce5ca4cf492573fd005d28dc?OpenDocument

    but I hed it reported to me nothing USB would work...

    We already set the appropriate registry entries in XP but we want to add an extra step...

    Which kind of notification do I use to send email when an ADC Device Control event has been logged?? -- in the 'Add Notification' section??

    Thank you, Tom



  • 2.  RE: Device control blocking and notifications, how??
    Best Answer

    Posted Oct 05, 2010 11:30 AM

    How to block USB flash drives while allowing other USB devices.

    http://www.symantec.com/business/support/index?page=content&id=TECH104299&locale=en_US

    Application and device control policy does not block USB devices

    http://www.symantec.com/business/support/index?page=content&id=TECH105926&locale=en_US

     

    How to use Application and Device Control to block all USB devices except those I specifically want to allow

    http://www.symantec.com/business/support/index?page=content&id=TECH105770&locale=en_US


    How to configure Application Control in Symantec Endpoint Protection 11.0 : Configuring Application Control Policies

    http://www.symantec.com/business/support/index?page=content&id=TECH102525&locale=en_US



  • 3.  RE: Device control blocking and notifications, how??

    Posted Oct 05, 2010 11:53 AM

    I *did* do what is said in the document about how to block flash drives while allowing other USB devices -- a USB hub was blocked!!

    I set not to be blocked: HID, imaging, printers, smart card readers, storage volumes. A USB hard drive was blocked but not a thumb drive!!

    Am I leaving something out?? For now I don't have USB blocking disabled...trying to understand it better...



  • 4.  RE: Device control blocking and notifications, how??

    Posted Oct 05, 2010 12:19 PM

    This has more to do with Application Control rather than Device Control.

    Device control will either block the device or allow it..

     

    However if you have to keep control over the applications on your device then you will have to use Application Control.

    http://www.symantec.com/business/support/index?page=content&id=TECH95813&locale=en_US



  • 5.  RE: Device control blocking and notifications, how??

    Posted Oct 05, 2010 12:20 PM

    We plan to test more thoroughly next week...with the App Control vs. Device Control.

    Thank you, Tom