Video Screencast Help

Device Control in SEP & Symantec End Point Encryption Device Control

Created: 25 Dec 2012 • Updated: 19 Jan 2013 | 7 comments
MKV's picture
This issue has been solved. See solution.

I am cheking on the possibilities of the Device Control features available in the Symantec End Point Protecton.How effective is this?There is also another product Symantec Endpoint Encryption Devce Control.Whether all (atleat almost all) the features in the SEE Device Control can be done using the SEP Device Control also?

What would be the basic differences and the level of control that can have on device control for both?


Comments 7 CommentsJump to latest comment

Ashish-Sharma's picture


main difference both the product->SEP not Encrypted data but Symantec Endpoint Encryption Device Control encrypted the data.

Symantec Endpoint Protection Application and Device Control

Symantec Endpoint Encryption Device Control software enables organizations to monitor device usage and file transfer activity, control access to ports, devices, and wireless networks, as well as to restrict user’s ability to copy protected information to removable media. When implemented with Symantec Endpoint Encryption Removable Storage Edition, the combination provides protection for enterprise data on endpoints from the risks associated with USB security, as well as other portable devices and media

Symantec Endpoint Encryption Device Control

Thanks In Advance

Ashish Sharma

MKV's picture

Thanks Aashish for that ,

What about the association of SEP Device control (not SEE) with the SEE RS.?

For example what I am trying to achieve is ,

SEE Removable Storage is installed &  the enduser should have liberty to encrypt/not encrypt the files on a removable media.But if he do not encrypt te file ,the device control should prevent the access as a consequence


MKV's picture

Hello Ashish,

Happy New year.

Thanks for your reply and suggestions given.I have gone through the links suggested by you.My original question still stands .The Symantec Encryption Device control seems to have quite all the feature that we require.But what I was checking was about the Device Control option in Symantec End point Protection.
Can SEP Device control also help in getting the granular control as Encryption device control does?Is the only difference between this is that SEE Device control is encrypted communication and SEP Device Control not.

Ashish-Sharma's picture


Can SEP Device control also help in getting the granular control as Encryption device control does?

You can specify SEP device control policy where is applied or not applied.

Which type Granular control you need ?

Check this thread

Thanks In Advance

Ashish Sharma

SMLatCST's picture

Nopes, SEP does not natively have the options for only allowing encrypted files to be written to removable storage, and blocking all unencrypted data writes.

This sort of behaviour could (in theory) be accomplished within SEP by blocking data writes to USB by all processes other than the SEE-RS process, but I have no documented guidelines to give you on how to do this (or even the process names).

Only SEE-DC natively supports this functionality (to block all file writes unless the file is encrypted), but you do need SEE-RS as well, as SEE-DC does not do encryption by itself.