Endpoint Protection

 View Only

  • 1.  How to input device ID into Device Selection on Application and Device Control Policies

    Posted Mar 07, 2013 09:38 PM

    Hi,

    I'm using SEPM 11, and I want to set the policy to block a new hardware device on the SEP client machine. Suppose in this case i want to block the usb modem device, and i have to get the device ID by using DevViewer tool. Then, how i can input the device ID into Device Selection list on Application and Device Control Policies?

     

    Thanks & Regards,
    Barkah

     



  • 2.  RE: How to input device ID into Device Selection on Application and Device Control Policies
    Best Answer

    Posted Mar 07, 2013 09:49 PM

    Gather the Device ID of device(s) using the DevViewer tool:

    1. Find the DevViewer.exe tool on the SEP 11.0.X CD2 in the CD2\Tools\NoSupport\DevViewer folder.

    2. Plug in the device you want to gather the GUID from.

    3. Run the DevViewer.exe tool and browse to find the device. (Example, for a thumb drive, look under Disk drives)

    4. Select the device, and on the right you will see information about the device.

    5. Right click the [GUID] and select Copy GUID.

    6. Exit the DevViewer Tool.

    Add the Hardware Device into Symantec Endpoint Protection Manager policy:

    1. In the SEPM, select the Policies view.

    2. In the upper left corner of the console, under the View Policies section, click on Policy Components to expand the sub-list.

    3. Under Policy Components, select Hardware Devices.

    4. Under Tasks, select Add a Hardware Device

    5. Type in the Name you wish to call your device (example: Administrator's Thumbdrive).

    6. Select the class ID option, click in the text box and use CTRL-V to paste the Device ID you copied from the DevViewer tool.

    7. Click OK.

    Add Hardware Device to Blocking list:

    1. In the SEPM, Under View Policies, select Application and Device Control

    2. Right click your Application and Device Control Policy and select Edit.

    3. Select the Device Control view.

    4. Under the Blocked Devices section, click Add, select the device you added in the previous section and click OK and click OK

     

    Reference:

    http://www.symantec.com/business/support/index?page=content&id=TECH132353



  • 3.  RE: How to input device ID into Device Selection on Application and Device Control Policies

    Posted Mar 07, 2013 10:24 PM

    Hello,

    Look this document

    https://www-secure.symantec.com/connect/downloads/data-card-policy



  • 4.  RE: How to input device ID into Device Selection on Application and Device Control Policies

    Posted Mar 07, 2013 11:03 PM

    HI,

     

    1) first you go to policy tab in SEPM console

    2) click on policy components and choose Hardware device

    3) here you can add your device id which you want to block and allow as per your requirement,

    4) you can found the device id in system device manager and choose your device  go to property / details here you can found GUID and Device ID,

    5) once you add the device id in policy, then you go application control policy and add the device id in block or allow group.

    Thanks



  • 5.  RE: How to input device ID into Device Selection on Application and Device Control Policies

    Posted Mar 07, 2013 11:18 PM
      |   view attached

    Try the below attach pdf "Configuring_Application_Control_1.1.pdf" document to create the policy

    Here is the link also

    http://www.symantec.com/avcenter/security/ADC/Configuring_Application_Control_1.1.pdf

     

    Attachment(s)

    pdf
    Configuring_Application_Control_1.1_2.pdf   652 KB 1 version