Endpoint Protection

 View Only

  • 1.  SEPM Application control

    Posted Jan 18, 2012 11:34 PM

    Hi,

    Is SEP application control able to block modification to file is a mapped drive?

    I have tried to configure it, but it seems that i am still able to modify the content in the mapped drive.

     

    Thanks



  • 2.  RE: SEPM Application control

    Broadcom Employee
    Posted Jan 19, 2012 12:05 AM

    How have you set the application rule?

    can you please post it here?

    Has the client been reboot after taking the new policy?



  • 3.  RE: SEPM Application control

    Posted Jan 19, 2012 09:47 AM

    I did not reboot the client after adding in the policy. is there a need to do that after implementation of application policy?

     

    Here's my config.



  • 4.  RE: SEPM Application control

    Posted Jan 31, 2012 01:23 AM

    Please reboot the Client

    Regards



  • 5.  RE: SEPM Application control

    Posted Jan 31, 2012 06:36 AM

    As per Pete's post, make sure the A&DC component is installed, client rebooted, and client is using the latest policy.

    I have a couple of questions of my own though.

    What version of SEP is the client running?  Remember that A&DC in SEP11 doesn't work on 64bit clients.

    Have you tried using the full share path rather than the mapped drive letter to identify the folder?

    Finally, can you enable logging for read attempts as well, this will help us identify if the SEP client it even correctly recognising the network location.

    #EDIT#

    Something to add.  You might wanna take a look at this article:

    http://www.symantec.com/docs/TECH145973

    "When you apply a condition to all entities in a particular folder, a best practice is to use folder_name\* or folder_name\*\*. One asterisk includes all the files and folders in the named folder. Use folder_name\*\* to include every file and folder in the named folder plus every file and folder in every subfolder."