Video Screencast Help

Application/Device Control - Use of Wildcards for Device ID's

Created: 17 Aug 2009 • Updated: 17 Jun 2013 | 4 comments
Travador's picture
3 Agree
0 Disagree
+3 3 Votes
Login to vote
Status: Already Offered

I would like to be able to use Wildcards with Device ID's when setting up allowances for the Device Control portion of SEP 11.x

Currently my situation is that I would like to use the application and device control portion of Sep 11.x for usb connections-

I have blocked most USB devices-

I am attempting to allow my Smartphone (Blackberry access to the computer) as well as others that I want to allow. My trouble beings with the following:

(My blackberry)
USB\VID_0FCA&PID_0004&MI_00\6&307EE25&0&1212

(Co-Workers blackberry)
USB\VID_0FCA&PID_0004&MI_00\6&7474EB5&0&1215

As you can see the device ID's are different and so then I must make a rule for each phone that I want to be allowed-

A simple solution would be to do the following:

USB\VID_0FCA&PID_0004&MI_00\*

However it does not work because the use of wildcards is not allowed -

Thus I have to make a rule for each phone that I want to allow USB access - This would not be a big deal but I have 120 phones to set rules for not to mention have to change the rule out everytime someone needs to swap a phone.

 

Comments 4 CommentsJump to latest comment

Jeremy Dundon's picture

You are making exclusions for the devices by adding a Hardware Device with a Device ID?

Have you tried using a Class ID?

The DEV Viewer should be able to give you both. 

0
Login to vote
RAJP's picture

We always use Device IDs, even for Blackberry's, and wildcard it exactly like you showed. What version are you on? We started with MR4 MP1a.

Ray

0
Login to vote
ash1010's picture

I think this may work
USB\VID_0FCA&PID_0004&MI_00\6&*

0
Login to vote
Elisha's picture

A simple solution would be to do the following:

USB\VID_0FCA&PID_0004&MI_00\*

However it does not work because the use of wildcards is not allowed

This is a valid use for wildcards.  If this does not work you may be running into some other issue.  Please see:

https://www-secure.symantec.com/connect/articles/how-block-or-allow-devices-symantec-endpoint-protection

0
Login to vote