Hi all,
I’ve set up a “Location” template that applies to systems when two conditions are met:
1) Client computer uses wireless.
2) Client computer uses Ethernet.
I then applied a Application and Device Control Policy that blocks Network adapters, PCMCIA slots, and USB devices.
The intent is to have SEP detect systems that have both a wireless network connection and a wired Ethernet connection running simultaneously, and then to block network access until one of the connections is closed. So far, the setup I described works reasonabley well . However, I’m noticing that the device blocking seems rather contentious in that the device is blocked for a short duration and then unblocked. The cycle repeats over and over-blocked, unblocked, blocked, unblocked- each segment lasting anywhere from a few seconds to 10 to 15 seconds.
To determine what’s going on, I have the systems’ device manager open and I’m watching the status of the network devices getting red “X” out and simultaneously, I have multiple web-browsers open attempting to access various web-pages.
Is this contentious blocking of devices the expected behavior of SEP under these conditions? Granted, a user afflicted with the symptom I’m describing will not find their system particularly useful (part of our goal..), but I would have expected that the devices would be constantly blocked until one of the qualifying conditions was not present (removing one of the network connections.).
BTW, detection of the conditions works great; no blocks occur unless both conditions are met and the network activity returns to normal shortly after one of the conditions is removed.
TIA