Endpoint Protection

 View Only
  • 1.  Block USB Device

    Posted Jun 27, 2012 03:50 AM

    i'm newbie on this forum,

    Is it possible to block USB mass storage devices from SEPM?



  • 2.  RE: Block USB Device

    Broadcom Employee
    Posted Jun 27, 2012 03:59 AM

    yes it is possible, check these links

     

    How to block or allow device's in Symantec Endpoint Protection
    https://www-secure.symantec.com/connect/articles/how-block-or-allow-devices-symantec-endpoint-protection

    Symantec Endpoint Protection Manager - Application and Device Control - Policies explained
    http://www.symantec.com/docs/TECH104431


    WhitePaper on Application and Device Control:
    http://www.symantec.com/avcenter/security/ADC/Configuring_Application_Control_1.1.pdf


    How to block USB Thumb Drives and USB Hard Drives, but allow specific USB Drives in the Application and Device Control Policy in Symantec Endpoint Protection.
    http://bit.ly/uTVdha

    How to block USB flash drives while allowing other USB devices.
    http://www.symantec.com/docs/TECH104299

    How to block USB devices while excluding mouse and keyboard?
    http://www.symantec.com/docs/TECH161779

    How to block USB hard drives, but allow reading specific USB drives in the Application and Device Control Policy?
    http://www.symantec.com/docs/TECH173724



  • 3.  RE: Block USB Device
    Best Answer

    Posted Jun 27, 2012 04:55 AM

    Hi there,

    1. Enter in SEPM Console -> Policies Tab -> Application and Device Control

    (next you re creating Device Name in Policy Components -> Hardware Devices. with identification USBSTOR*)

    2. Add Policy -> Application Control -> Block Writing to USB Drives

    3. on Device Control -> in Blocked Devices click Add -> select USB class -> OK

    4. on Devices Excluded from Blocking -> click Add -> choose Human Interface Devices -> OK

    5. and finnaly apply this policy to Groups

     

    hope it will help you

     

     



  • 4.  RE: Block USB Device

    Posted Jun 27, 2012 05:34 AM

    How to create a rule that will allow only specific USB’s on to your network.
    http://service1.symantec.com/support/ent-security.nsf/docid/2009031809381448

    How to use Application and Device Control to block all USB devices except those I specifically want to allow
    http://service1.symantec.com/support/ent-security.nsf/docid/2008083110540548

    This might also help.



  • 5.  RE: Block USB Device

    Posted Jun 27, 2012 09:08 AM

    Thank you all