Endpoint Protection

Hello,

please help with SEP Application and Device Control policy. 

On client PC and SEPM server is Current Policy Serial Numbers identical.

Device Control policy is set to block USBSTOR* devices, but I can stil use USB sticks.

Do you have any idea?

Thanks

Marek

Is there any messages showing in the client Control log?

Where can I find it?

Thx

Sorry: https://support.symantec.com/en_US/article.TECH159915.html

Looks like there is noting new. Here is translation:

Le contrôle d’application et de périphérique est prêt. -> The application and device control is ready.

Thats all.

Sorry here is log.

The policies looks fine. Can you make sure that the application and device control feature is installed on the client computer.

Thanks for your reply. I will look tomorrow, we have night now.

 

Hello,

as I see it is installed.

Any other idea?

Thx

Then it has to be something with the policy. I might recommend a support so someone can remote in to look.

Hmmmm, does this policy correctly block USBSTOR* devices on any other machine?

If yes, then I'd suggests you start the SEP Client on the PC using the "Run as Admin" option, and make sure "Enable Application and Device Control" is ticked under Change Settings -> Client Management -> Configure Settings.  Or perhaps reinstall the client...

If not, then create a new A&DC policy that blocks USBSTOR* only, and test with that.

Is this policy enabled in SEPM (check the box on the home page of the policy)? Also, is this policy assigned to the group in which the client is reporting?