Hi,
I've been looking at SEP for a customer and so far it is stacking up quite well. The customer however currently uses DeviceLock for restriciting access to USB ports and devices. These restrictions are based on Active Directory user group memberships (i.e User A on Computer A can access USB key drives, but User B on Computer A cannot). Ultimately, if we go with SEP, we would like to replace the DeviceLock functionality with SEP Proactive Threat Protection Device Control.
From what I've read the SEP client can operate in "computer" or "user" mode but not both. It seems that generally computer mode is a better choice, with policies applying then to the computer, not the user. If I were to run my client in computer mode, is there anyway to then apply device control policies by user (as per my example above). Generally all policies we would apply would be suitable (and potentially preferable) to be computer based, other than the device control policy where we would like the policy to be user based.
From the reading of the documentation its not clear if this can be done other than the client being in user mode for everything, which I think we would like to avoid.
Any advice / suggestions / pointers would be much appreciated.
Cheers,