Yes you can.
For Device ID we also we support the use of wildcards "*" and "?":
• Asterisk (*) means zero or more of any character
• Question mark (?) means a single character of any value
Examples:
• Any USB storage device: USBSTOR*
• Any USB disk: USBSTOR\DISK*
• Any USB SanDisk drive: USBSTOR\DISK&VEN_SANDISK*
• Specific SanDisk device:
USBSTOR\DISK&VEN_SANDISK&PROD_CRUZER_MICRO&REV_2033\0002071406&0
• Specific Kingston device: USBSTOR\DISK&VEN_KINGSTON&PROD_DTSECURE_PRIVACY*
Excerpt from:
Symantec Endpoint Protection 11.0 - Application and Device Control Rev 1