Endpoint Protection

 View Only

  • 1.  E-sata blocking

    Posted Oct 01, 2013 03:05 AM

    Hello,

     

    how to block e-sata devices with Device Control / Application Control and be sure that it won't block internal Sata disks ?

     

    Regards



  • 2.  RE: E-sata blocking

    Posted Oct 01, 2013 03:20 AM

    check this thread

    https://www-secure.symantec.com/connect/forums/block-esata



  • 3.  RE: E-sata blocking

    Posted Oct 01, 2013 03:38 AM

    should be similar to this

    How to block USB Thumb Drives and USB Hard Drives, but allow specific USB Drives in the Application and Device Control Policy in Symantec Endpoint Protection.



  • 4.  RE: E-sata blocking

    Broadcom Employee
    Posted Oct 01, 2013 10:21 AM

    Hi,

    Thank you for posting in Symantec community.

    Do you want to block external hard disk (e-sata)?

     



  • 5.  RE: E-sata blocking

    Posted Oct 03, 2013 10:49 AM

    Right, be sure to block E-sata but not internal SATA disks..



  • 6.  RE: E-sata blocking

    Broadcom Employee
    Posted Oct 03, 2013 12:42 PM

    Hi,

    You should check the device id's.

    A Device ID (also known as a Device Instance ID in Windows) is a specific ID that is given to each device.  A Device ID can be more effective for blocking or allowing devices because it is made by concatenating a list of data about the particular device.  Device IDs are generally in a more readable format.

    On the SEP CD or DVD, under the Tools\NoSupport folder look for Device Viewer (DevViewer). The Device Viewer can be used to get either the Class ID or the Device ID of a particular device. It would assist copying the IDs to the clipboard and then paste into the SEPM

    Are they same for E-sata and internal SATA disks? Ideally they should not.

    If they are not same then add them under block list and check.

    I would recommend to test it prior to implement.

    Refer this article:

    How to Block or Allow Devices in Symantec Endpoint Protection

    http://www.symantec.com/docs/TECH175220
     



  • 7.  RE: E-sata blocking

    Posted Oct 04, 2013 04:30 AM

    Hello,

    sure we can use Device ID but it's not easy here because we may have a lot of manufacturer for our E-sata disks.. We use this process for other whitelisting but here it's not possible.

    Do I have to understand that it's not possible to block only E-sate without internal SATA disks ? As it's not a deported port as for USB disk for example, I'm afraid that ther is no solution...



  • 8.  RE: E-sata blocking

    Posted Oct 04, 2013 04:52 AM

    Have you tested blocking the entire "Disk Drives" or "Storage Volumes" class (whichever class DevViewer says the esata disk is reporting under) incldued in SEP?

    I know this is a little extreme, so it's up to you as to whether the blocking of esata is worth the admin overhead of ensuring eveything else works as normal.