Endpoint Protection

 View Only

  • 1.  how to bypass USB Debuggers from USB Disable Category

    Posted Sep 25, 2009 12:40 AM
    I have created USB Disable group in SEPM & moved clients into this group but In my organistaion some people use USB Debuggers for testing purpose & even this is getting disabled ..how do I allow these things..but these are not mass storage devices

    few blocked Examples are here

    Device Manager Message The device was disabled successfully. [name]:Microchip MPLAB ICD 2 Firmware Client [class]:MicrochipTools [guid]:deb97e2c-8b0f-446f-b280-7cfac41c3bd9 [deviceID]:USB\VID_04D8&PID_8001\5&11DAD59D&0&1
    Device Manager Message The device was disabled successfully. [name]:SPX-MVCI [class]:Network adapters [guid]:4d36e972-e325-11ce-bfc1-08002be10318 [deviceID]:USB\VID_125E&PID_180D\000001
    Device Manager Message Plug in the device again or restart to enable the device. [name]:Spectrum Digital XDS510 USB [class]:SD USB Based Debug Tools [guid]:5ea49935-3617-468a-95c0-c2aac353d35b [deviceID]:USB\VID_0C55&PID_0510\S656650616112522
    Device Manager Message Failed to disable and remove the device. [name]:HP Deskjet D2500 series (DOT4) [class]:IEEE 1284.4 devices [guid]:(null) [deviceID]:DOT4USB\VID_03F0&PID_1E04&MI_01&DOT4\7&98F0852&0&1
    Device Manager Message The device was disabled successfully. [name]:PCAN-USB Device [class]:CAN-USB-Hardware [guid]:ff646f80-8def-11d2-9449-00105a075f6b [deviceID]:USB\VID_0C72&PID_000C\5&11DAD59D&0&1
    Device Manager Message The device was disabled successfully. [name]:J-Link driver [class]:Universal Serial Bus controllers [guid]:36fc9e60-c465-11cf-8056-444553540000 [deviceID]:USB\VID_1366&PID_0101\123456
    Device Manager Message Plug in the device again or restart to enable the device. [name]:Lauterbach PODBUS USB Controller (WDM) [class]:Trace32 Devices [guid]:74333263-c465-11cf-8056-444553540000 [deviceID]:USB\VID_0897&PID_0002\5&425E0F2&0&7



  • 2.  RE: how to bypass USB Debuggers from USB Disable Category

    Posted Sep 25, 2009 01:02 AM

    How to use Application and Device Control to block all USB devices except those I specifically want to allow

    http://service1.symantec.com/SUPPORT/ent-security.nsf/docid/2008083110540548

     


  • 3.  RE: how to bypass USB Debuggers from USB Disable Category
    Best Answer

    Posted Sep 25, 2009 01:19 AM

    You can also refer the below discussions

    http://www.symantec.com/connect/forums/adding-device-control-existing-sep-clients

    http://www.symantec.com/connect/forums/device-control-policy-query

    and this doc

    How to block USB Thumb Drives and USB Hard Drives, but allow specific USB Drives in the Application and Device Control Policy in Symantec Endpoint Protection

    http://service1.symantec.com/support/ent-security.nsf/854fa02b4f5013678825731a007d06af/b54beb2f46268ccc882574e80052960f?OpenDocument

     


  • 4.  RE: how to bypass USB Debuggers from USB Disable Category

    Posted Sep 25, 2009 01:38 AM
    thanks for your help....