Endpoint Protection

 View Only
  • 1.  SEP11 Application and Device control policy question

    Posted Jun 08, 2012 11:08 AM

    Hi

    I'm need to block application running from CD-drives and USB devices.

    Application and Device control policy is added (with seems to be correct settings) and assigned to appropriate client group where I have my test client.

    The problem is that even after I assured that the policy has been delivered and enabled, I still able to run a batch from CD.

    Please advice what have I missed, maybe there are some additional steps I need to perform?

    Thanks a lot in advance.

    br,

    Anton

     

     



  • 2.  RE: SEP11 Application and Device control policy question

    Posted Jun 08, 2012 11:27 AM

    Application and device control does not work on x64 based machines in SEP 11.x

    This feature was added/corrected as of SEP 12.1

    Is this your case, where you are running Windows 64 bit?

    Did you add your policy to log or to block access to the CD drive for example?



  • 3.  RE: SEP11 Application and Device control policy question

    Broadcom Employee
    Posted Jun 08, 2012 11:41 AM

    Hi,

    Since CD/DVD writing uses an unconventional read/write operation, SEP cannot block it directly.

    After setting up an Application and Device Control policy to block CD writing, CD writing is not blocked as expected, and write attempt is not logged

    http://www.symantec.com/business/support/index?page=content&id=TECH104800&locale=en_US

     



  • 4.  RE: SEP11 Application and Device control policy question

    Posted Jun 08, 2012 12:21 PM

    Guys,

     

    Thanks a lot for replies, will try.



  • 5.  RE: SEP11 Application and Device control policy question

    Posted Jun 10, 2012 05:57 AM

    Jason1222, I have x32 system (win xp sp3). The policy is configured to block all attempts to run any application from USB or CD. Also I have active system lock-down policy but even though I could run any batch form CD..

     

    Chetan Savade, thanks for the link but this topic is mostly about application startup from CD but not about CD writing.

     

    I still need to have a solution. Thanks in advance.



  • 6.  RE: SEP11 Application and Device control policy question

    Posted Nov 06, 2012 06:53 AM

    This forum thread has many good resources:

    https://www-secure.symantec.com/connect/forums/cd-block-through-apc