Endpoint Protection

 View Only

  • 1.  About USB Flash Drive or Pen Drive......

    Posted Oct 06, 2009 02:38 AM
    I can easily enable disable USB flash drive, USB printer, Digital Camera and others through users ploicy. but my question is; is there any way where i can assign a selected USB flash drive which can be access but others flash are disable...




  • 2.  RE: About USB Flash Drive or Pen Drive......
    Best Answer

    Posted Oct 06, 2009 02:43 AM
    You can refer the below
    discussions

    http://www.symantec.com/connect/forums/adding-device-control-existing-sep-clients

    http://www.symantec.com/connect/forums/device-cont...

    and this doc

    How to block USB Thumb Drives
    and USB Hard Drives, but allow specific USB Drives in the Application and
    Device Control Policy in Symantec Endpoint Protection

    http://service1.symantec.com/support/ent-security.nsf/854fa02b4f5013678825731a007d06af/b54beb2f46268ccc882574e80052960f?OpenDocument
     


  • 3.  RE: About USB Flash Drive or Pen Drive......

    Posted Oct 06, 2009 03:27 AM
    Thank you Aravind.


  • 4.  RE: About USB Flash Drive or Pen Drive......

    Posted Oct 06, 2009 03:53 AM
    Device control is done based on Device ID.. According to my knowledge Device ID is same for most of the PEN drives... Try to get the device ID's for multiple Pen drives and check... If you find it different you can block it...


  • 5.  RE: About USB Flash Drive or Pen Drive......

    Posted Oct 06, 2009 08:23 AM

    Whether your problem got solved?or still it is present?

     


  • 6.  RE: About USB Flash Drive or Pen Drive......

    Posted Oct 06, 2009 11:32 AM
    Hi,

           Attached please find the screenshot for getting a device id for a USB device and then configuring it in the Application and Device control policy.


    Adding a device id.JPG


  • 7.  RE: About USB Flash Drive or Pen Drive......

    Posted Oct 07, 2009 09:03 PM
    I was doing some testing with this just this afternoon.  In my experience, I tried 3 thumb drives from the same manufacture, same model.  Each one had it's own unique device ID.

    I was able to set a policy to block 'Disk Drives', and add an exception to allow one specific thumb drive, by device id.  I put different thumb drives in the computer, and although it took a moment in some cases, it blocked all of the thumb drives except for the one I had specifically allowed.

    The one thing I missed in the instructions was that I had to add the device in the hardware devices section of the policies tab, so it took me a while to get it working.  Fortunately, Sandip's last screenshot makes that pretty clear, so you can't miss it!

    Oh, the other stumbling block I had was that I tried to grab the device ID of the thumb drive based on the 'USB Mass Storage' item in device manager under USB, rather than the 'Imation Flash Drive' or whatever it was called under the 'Disk Drives' group.  Use the Disk Drives item to get the device id, not the USB item.

    Good luck!