- Is it possble to allow just an specific USB stick by user and host?
---Yes, you can allow or block certain USB devices, you can grant or deny access by user or computer, but not both at the same time, which means you will need to choose to use User Mode configuration or Compuer Mode configuration. do not configure some with User mode and some Computer Mode in the same domain, that never works well, if you need both, create two SEP domain, one with User Mode and the other is Computer Mode.
- Is it possible to log the files that have been moved to the devices? By loging I mean: user, file name, date and time.
--- Yes, you can monitor device activity, SEP 11.x provided pretty detailed logging information if you turn the device logging on, the log will provide you the information you listed, if you really want to get more details of what being moved, such as, the contents of the files and which to take some action at the time that the filter is triggered, Symantec has another Data Loss Prevenstion product -- Vontu, I think it is called Symantec DLP now, good product,
- What devices can have the policies applied?
--- You can apply the polices to almost all the devices, I think you may just interested in control those removable storage devices, one advise, test before you apply the policy to the clients.