Video Screencast Help

SEP Device Control Problem

Created: 13 Feb 2013 • Updated: 13 Feb 2013 | 6 comments
D@ry1's picture
This issue has been solved. See solution.

Hey guys,

We tried to use Device Control and it was useful, we used the DevViewer to Check the GUID and the Device ID and add it on the SEPM Console,

HERE IS THE PROBLEM,  we found out  the  USB Broadband Stick uses the same GUID as the Optical Drive, so basically if we block the USB Broadband Stick, it also blocks the Optical Drive like CD and DVD Drives. Is there anything we can do to fix this?

from what I know GUID is for general device ID and Device ID is unique to each device so we cannot use the Device ID.


Comments 6 CommentsJump to latest comment

Ashish-Sharma's picture


Basically Every device GUID are different but in your case both are using same.

Whis company USB Broadband Stick device are you using?

Thanks In Advance

Ashish Sharma

D@ry1's picture

It's a PLDT WeRoam, is there any other way?

Sumit G's picture

Device ID match till device type but vendor id is differenet. Choose the device id before Rev.


Sumit G.

Mithun Sanghavi's picture


There are two ways that devices can be identified in SEP 11.x and 12.1:

  1. by Class ID
  2. by Device ID

There are advantages and disadvantages of using either method and there is a different functionality for each method. 

Class ID

A Class ID is a generic category of devices that are designated by the Windows operating system.  A Class ID is always listed as a GUID.  Here are examples of Class IDs (GUID):

  • Disk Drives - {4d36e967-e325-11ce-bfc1-08002be10318}
  • Storage Volumes - {71a27cdd-812a-11d0-bec7-08002be2092f}
  • USB devices - {36FC9E60-C465-11CF-8056-444553540000}
  • DVD/CD-ROM - {4D36E965-E325-11CE-BFC1-08002BE10318}
  • IDE - {4d36e96a-e325-11ce-bfc1-08002be10318}
  • PCMCIA - {4d36e977-e325-11ce-bfc1-08002be10318}

In SEP, wildcards are not supported on Class IDs.

For a list of Class IDs, click here.

Device ID

A Device ID (also known as a Device Instance ID in Windows) is a specific ID that is given to each device.  A Device ID can be more effective for blocking or allowing devices because it is made by concatenating a list of data about the particular device.  Device IDs are generally in a more readable format.

Here are two common formats for Device IDs:

<class>\<type>&<vendor>&<model>&<revision>\<serial number>

<class>\<type><vendor><model><revision>\<serial number>

Here are examples of Device IDs:

  • SanDisk Micro Cruzer - USBSTOR\DISK&VEN_SANDISK&PROD_CRUZER_MICRO&REV_2033\0002071406&0
  • Apple iPod - USBSTOR\DiskApple___iPod____________1.62\4&3656B0&0
  • Hitachi IDE Hard Drive - IDE\DISKHTS541060G9SA00_________________________MB3IC60H\4&14AA9DA8&0&0.0.0

For Device IDs wildcards are supported: * and ?.

  • Asterisk [*] - means zero or more of any character
  • Question mark [?] - means a single character of any value

Here are examples of using wildcards:

Any USB Storage device


Any USB Disk


Any USB SanDisk drive


Any USB SanDisk Micro Cruzer drive


A specific SanDisk device


 It is recommended to use Device IDs over Class IDs in most cases.


How to Block or Allow Devices in Symantec Endpoint Protection\

Hope that helps!!

Mithun Sanghavi
Associate Security Architect


Don't forget to mark your thread as 'SOLVED' with the answer that best helped you.

D@ry1's picture

This is what I'm looking for. I'd just used the wildcard for all ZTE CD Drive to be blocked.


Ambesh_444's picture

Hi Mithun,

Your post is nice, 

Thank you for providing proper and simple solution..

Thank& Regards,


"Your satisfaction is very important to us. If you find above information helpful or it has resolved your issue. Please don't forget to mark the thread as solved."