This issue has been solved.

User-based USB stick control

Created: 19 Jan 2010 • Updated: 21 May 2010
Login to vote
+1 1 Vote

I have a simple question: is it possible to create a rule to allow a USB stick from a certain maker (identified through serial number) based on the user currently logged on on the workstation? Most solutions only allow rule creation based on the workstation itself, but what I want to accomplish is: whatever workstation the user logs on, the rule will be applied and the USB stick will be allowed.

Thank you in advance.

Quick Look Solution

Hi

yes it can be done

when you instal sep you have 2 options
1 user mode
2 computer mode
you can trun the workstation to user mode
right click and user mode
policy will be applied just for the user (where ever he logs in )

check this
How to create a rule that will allow only specific USB’s on to your network.

http://service1.symantec.com/support/ent-security.nsf/docid/2009031809381448

https://www-secure.symantec.com/connect/forums/computer-mode-vs-user-mode-0

Filed Under

Comments

Vikram Kumar-SAV to SEP
Symantec Employee
Accredited
19
Jan
2010

 This can be done via

 This can be done via Symantec Endpoint Protection -Device Control for sure..

Vikram Kumar

Symantec Consultant

The most helpful part of entire Symantec connect is the Search button..do use it.

19
Jan
2010
SOLUTION

Hi

yes it can be done

when you instal sep you have 2 options
1 user mode
2 computer mode
you can trun the workstation to user mode
right click and user mode
policy will be applied just for the user (where ever he logs in )

check this
How to create a rule that will allow only specific USB’s on to your network.

http://service1.symantec.com/support/ent-security.nsf/docid/2009031809381448

https://www-secure.symantec.com/connect/forums/computer-mode-vs-user-mode-0

20
Jan
2010

doubt

Naor Penso
Partner
20
Jan
2010

Its not possible on Symantec DLP

Device Control is a part of Symantec Endpoint Protection.
Symantec DLP (version 10)  Could enforce rules of whom could copy what do a DOK, but the system cannot enforce rules on which type of DOK.

Regards,
Naor Penso

For Forum threads, please click "Mark as Solution" if answered.
For all content, please give a thumbs up if you agree with or support the post.
Thanks :)

20
Jan
2010

In short, it's possible

In short, it's possible through SEP, but not through Vontu. Is that correct?

Thank you all for the answers.

jjesse
Trusted Advisor
Accredited
Certified
20
Jan
2010

in short yes

through SEP yes, Vontu no

Jonathan Jesse Practice Principal ITS Partners

20
Jan
2010

Hi,

As was already told, Yes it's quite possible with SEP... :) ... Here is a small suggestion from me..

* Create a new group in the SEPM which would basically have the block policy ...
* Right click on the group and choose Import AD or LDAP users...  and that would give you the list of AD users..
* Import or add the users for which you would like to apply this "Block USB" policy...

Active directory users and computers always have a high priority than the customer groups, so.. basically when anyone of the restricted user logs into any one of the computer in your network, the client would automatcially communicate with this "Block USB group" and take those policies... and if anyone else logs in, it will refer to the custom group...

And as far as blocking specific device, you can use the device ID to block any piece of h/w ... This can be obtained by running the Device Viewer from CD2 ...

Correct me If have gone wrong somwhere ... :)

Cheers,
Visu.

Cheers,
Visu.

I came, I saw, I err ;)

21
Jan
2010

Thank you all for the help.

Thank you all for the help. Much appreciated.

Regards,
Andre.