Device Control - Device ID Wildcard not working?
Hi all,
I have device control policies running and it's working fine.
I blocked USB to block thumb drives and created exceptions for USB printers, keyboards, etc.
I created my own exception to allow Apple devices but it doesn't seem to work using wildcards. It does work when I use the full Device ID.
This is the device ID of an iPhone 4S: USB\VID_05AC&PID_12A0\A2BDCF4999324F6DA69FD82943989926FC5274EE
When I create an exception to allow all Apple USB devices with this ID: USB\VID_05AC* it does not apply.
I also tried the following:
USB\VID_05AC
USB\VID_05AC&*
\USB\VID_05AC
\USB\VID_05AC*
"\USB\VID_05AC*"
Version is 12.1.671.4971
Here is an example of the security logs:
Using wildcards:
Device Manager Message
The device was disabled successfully.
[name]:Apple Mobile Device USB Driver
[class]:Universal Serial Bus controllers
[guid]:36fc9e60-c465-11cf-8056-444553540000
[deviceID]:USB\VID_05AC&PID_12A0\A2BDCF4999324F6DA69FD82943989926FC5274EE
Device Manager Message
The device was disabled successfully.
[name]:Apple iPhone
[class]:Portable Devices
[guid]:eec5ad98-8080-425f-922a-dabf3de3f69a
[deviceID]:USB\VID_05AC&PID_12A0&MI_00\0
Using the complete Device ID:
Device Manager Message
The device was allowed successfully.
[name]:Apple Mobile Device USB Driver
[class]:Universal Serial Bus controllers
[guid]:36fc9e60-c465-11cf-8056-444553540000
[deviceID]:USB\VID_05AC&PID_12A0\A2BDCF4999324F6DA69FD82943989926FC5274EE
Device Manager Message
The device was allowed successfully.
[name]:Apple iPhone
[class]:Portable Devices
[guid]:eec5ad98-8080-425f-922a-dabf3de3f69a
[deviceID]:USB\VID_05AC&PID_12A0&MI_00\0
Anyone have any ideas how to get this working?
Have a look at this taken from admin guide:
For Device ID we also support the use of wildcards "*" and "?":
• Asterisk (*) means zero or more of any character
• Question mark (?) means a single character of any value
Examples:
• Any USB storage device: USBSTOR*
• Any USB disk: USBSTOR\DISK*
• Any USB SanDisk drive: USBSTOR\DISK&VEN_SANDISK*
• Specific SanDisk device: USBSTOR\DISK&VEN_SANDISK&PROD_CRUZER_MICRO&REV_2033\0002071406&0
• Specific Kingston device: USBSTOR\DISK&VEN_KINGSTON&PROD_DTSECURE_PRIVACY*
SEP Knowledge Base
Endpoint SWAT
That's where I got the * wildcard from in the first place.
There are also several posts covering parts of this topic on v11. They all say to use USB\VID_05AC*
Try with USB\VID_05AC&PID_12A0*
This works perfectly thank you.
What is PID_12A0? An iPhone?
Will this allow iPads and iPods?
Hi,
Check this thread; you have received all Device IDs
https://www-secure.symantec.com/connect/forums/sep-application-and-device-control-disable-portable-devices
Thanks In Advance
Ashish Sharma
SEPM Knowledgebase Documents
I believe you need to use the * until there is a \, else it may not be considered. Can you confirm?
Cheers!
Pete
Help Link: http://www.symantec.com/business/support/overview.jsp?pid=54619
Hello,
These KBs may also be of assistance to followers of this thread.
Smart phones and Application and Device Control in Symantec Endpoint Protection
http://www.symantec.com/docs/TECH147791
Symantec Endpoint Protection Device Control: excluding devices from blocking show inconsistent results
http://www.symantec.com/docs/TECH145804
How to obtain a device ID when creating an Application and Device Policy
http://www.symantec.com/docs/TECH104789
DevViewer - a tool for finding hardware device ID for Device Blocking in Symantec Endpoint Protection
http://www.symantec.com/docs/TECH103401
Symantec Endpoint Protection Manager - Application and Device Control (ADC) - Policies explained
http://www.symantec.com/docs/TECH104431
Hope that helps!!
Mithun Sanghavi
Symantec Technical Support Engineer, SEP
MIM | MCSA | MCTS | STS | ITIL v3
Twitter: @mithun_sanghavi
Don't forget to mark your thread as 'SOLVED' with the answer that best helps you.
When you add the entry in Hardware for the iPhone,
have you entered the USB\VID_05AC* in Device ID or in Class ID?
https://www-secure.symantec.com/connect/articles/how-block-or-allow-devices-symantec-endpoint-protection
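The wildcard rules quoted from the admin guide in this thread (* for zero or more characters, ? for exactly one), as an added example that is not part of the original posts and is not Symantec's matching code: a small Python matcher that checks the patterns tried in this thread against the device IDs from the logs and the admin guide excerpt. Whole-string, case-insensitive matching is an assumption, and the function names are hypothetical.

```python
import re

def wildcard_to_regex(pattern):
    """Translate a Device ID pattern: '*' = zero or more chars, '?' = exactly one."""
    parts = []
    for ch in pattern:
        if ch == "*":
            parts.append(".*")
        elif ch == "?":
            parts.append(".")
        else:
            parts.append(re.escape(ch))  # '\' and '&' are literals in a device ID
    # Assumption: the pattern must cover the whole ID, compared case-insensitively.
    return re.compile("".join(parts), re.IGNORECASE | re.DOTALL)

def matches(pattern, device_id):
    return wildcard_to_regex(pattern).fullmatch(device_id) is not None

# Device IDs copied from the log entries and the admin guide excerpt in this thread.
DEVICE_IDS = [
    r"USB\VID_05AC&PID_12A0\A2BDCF4999324F6DA69FD82943989926FC5274EE",
    r"USB\VID_05AC&PID_12A0&MI_00\0",
    r"USBSTOR\DISK&VEN_SANDISK&PROD_CRUZER_MICRO&REV_2033\0002071406&0",
]

# Exception patterns tried or suggested in this thread.
PATTERNS = [
    r"USB\VID_05AC*",
    r"USB\VID_05AC",
    r"USB\VID_05AC&*",
    r"\USB\VID_05AC",
    r"\USB\VID_05AC*",
    r'"\USB\VID_05AC*"',
    r"USB\VID_05AC&PID_12A0*",
]

def coverage(patterns, device_ids):
    """Map each pattern to the device IDs it would cover under the rules above."""
    return {p: [d for d in device_ids if matches(p, d)] for p in patterns}

if __name__ == "__main__":
    for pattern, hits in coverage(PATTERNS, DEVICE_IDS).items():
        print(f"{pattern!r}: {len(hits)} of {len(DEVICE_IDS)} device IDs covered")
        for device_id in hits:
            print("    " + device_id)
```

Under these rules USB\VID_05AC* covers both logged iPhone IDs, while the variants with a leading backslash or surrounding quotes cannot match any of them. A very short pattern such as USB* also covers the USBSTOR ID, so it is worth checking how broad an exception is before deploying it.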