I am looking to use Application & Device Control to block USB drives but allow exceptions for certain devices using Device Control and Device IDs. However, I'd also like to use the Application Control part of the policy to also log all files that are created, written, and modified on the USB drives.
My understanding from reading Symantec documentation is that these two parts cannot be used simultaneously and unfortuantely you can only apply one type of Application and Device Control policy to a group of computers.
Any ideas on how to accomplish this? or does anyone know of a Windows feature (GPO maybe?) that will log all files being transferred between USB drives.