Video Screencast Help
Scheduled Maintenance: Symantec Connect is scheduled to be down Saturday, April 19 from 10am to 2pm Pacific Standard Time (GMT: 5pm to 9pm) for server migration and upgrade.
Please accept our apologies in advance for any inconvenience this might cause.

SEP - Device Control

Created: 27 Aug 2010 • Updated: 04 Nov 2010 | 4 comments

Hi.

I would like to have some information about SEP Device Control Capabilities.

- Is it possble to allow just an specific USB stick by user and host?
- Is it possible to log the files that have been moved to the devices? By loging I mean: user, file name, date and time.
- What devices can have the policies applied?

If you can take me to a documentation (other than the comercial PDFs) where can I get to know it would be very helpful.

Thanks.

 

Discussion Filed Under:

Comments 4 CommentsJump to latest comment

Rafeeq's picture

 Is it possble to allow just an specific USB stick by user and host?
Yes its possible;
Document: http://service1.symantec.com/support/ent-security.nsf/854fa02b4f5013678825731a007d06af/b54beb2f46268ccc882574e80052960f?OpenDocument

2:Is it possible to log the files that have been moved to the devices? By loging I mean: user, file name, date and time
Yes its possible
link:

https://www-secure.symantec.com/connect/forums/usb...

3:What devices can have the policies applied?
any device you add it here
follow document 1 http://service1.symantec.com/SUPPORT/ent-security.nsf/ppfdocs/2007511906325898?Open&dtype=corp&src=&seg=&om=1&om_out=prod

Symanticus's picture

wow, this is sounds very great :-)

/* Infrastructure Support Engineer */

mssym's picture

- Is it possble to allow just an specific USB stick by user and host?
---Yes, you can allow or block certain USB devices, you can grant or deny access by user or computer, but not both at the same time, which means you will need to choose to use User Mode configuration or Compuer Mode configuration. do not configure some with User mode and some Computer Mode in the same domain, that never works well, if you need both, create two SEP domain, one with User Mode and the other is Computer Mode.

- Is it possible to log the files that have been moved to the devices? By loging I mean: user, file name, date and time.
--- Yes, you can monitor device activity, SEP 11.x provided pretty detailed logging information if you turn the device logging on, the log will provide you the information you listed, if you really want to get more details of what being moved, such as, the contents of the files and which to take some action at the time that the filter is triggered, Symantec has another Data Loss Prevenstion product --  Vontu, I think it is called Symantec DLP now, good product,

- What devices can have the policies applied?
--- You can apply the polices to almost all the devices, I think you may just interested in control those removable storage devices, one advise, test before you apply the policy to the clients.

Henrique C's picture

Thank you for your answers. That's been very useful.