Endpoint Protection Small Business Edition

Hey guys,

We tried to use Device Control and it was useful, we used the DevViewer to Check the GUID and the Device ID and add it on the SEPM Console,

HERE IS THE PROBLEM,  we found out  the  USB Broadband Stick uses the same GUID as the Optical Drive, so basically if we block the USB Broadband Stick, it also blocks the Optical Drive like CD and DVD Drives. Is there anything we can do to fix this?

from what I know GUID is for general device ID and Device ID is unique to each device so we cannot use the Device ID.

Thanks,

HI,

Basically Every device GUID are different but in your case both are using same.

Whis company USB Broadband Stick device are you using?

Device ID match till device type but vendor id is differenet. Choose the device id before Rev.

It's a PLDT WeRoam, is there any other way?

Hello,

There are two ways that devices can be identified in SEP 11.x and 12.1:

1. by Class ID
2. by Device ID

There are advantages and disadvantages of using either method and there is a different functionality for each method. 

Class ID

A Class ID is a generic category of devices that are designated by the Windows operating system.  A Class ID is always listed as a GUID.  Here are examples of Class IDs (GUID):

• Disk Drives - {4d36e967-e325-11ce-bfc1-08002be10318}
• Storage Volumes - {71a27cdd-812a-11d0-bec7-08002be2092f}
• USB devices - {36FC9E60-C465-11CF-8056-444553540000}
• DVD/CD-ROM - {4D36E965-E325-11CE-BFC1-08002BE10318}
• IDE - {4d36e96a-e325-11ce-bfc1-08002be10318}
• PCMCIA - {4d36e977-e325-11ce-bfc1-08002be10318}

In SEP, wildcards are not supported on Class IDs.

For a list of Class IDs, click here.

msdn.microsoft.com/en-us/library/windows/hardware/ff553426(v=VS.85).aspx

Device ID

A Device ID (also known as a Device Instance ID in Windows) is a specific ID that is given to each device.  A Device ID can be more effective for blocking or allowing devices because it is made by concatenating a list of data about the particular device.  Device IDs are generally in a more readable format.

Here are two common formats for Device IDs:

<class>\<type>&<vendor>&<model>&<revision>\<serial number>

<class>\<type><vendor><model><revision>\<serial number>

Here are examples of Device IDs:

• SanDisk Micro Cruzer - USBSTOR\DISK&VEN_SANDISK&PROD_CRUZER_MICRO&REV_2033\0002071406&0
• Apple iPod - USBSTOR\DiskApple___iPod____________1.62\4&3656B0&0
• Hitachi IDE Hard Drive - IDE\DISKHTS541060G9SA00_________________________MB3IC60H\4&14AA9DA8&0&0.0.0

For Device IDs wildcards are supported: * and ?.

• Asterisk [*] - means zero or more of any character
• Question mark [?] - means a single character of any value

Here are examples of using wildcards:

Any USB Storage device

• USBSTOR*

Any USB Disk

• USBSTOR\DISK*

Any USB SanDisk drive

• USBSTOR\DISK&VEN_SANDISK*

Any USB SanDisk Micro Cruzer drive

• USBSTOR\DISK&VEN_SANDISK&PROD_CRUZER_MICRO*

A specific SanDisk device

• USBSTOR\DISK&VEN_SANDISK&PROD_CRUZER_MICRO&REV_2033\0002071406&0

 It is recommended to use Device IDs over Class IDs in most cases.

Reference: 

How to Block or Allow Devices in Symantec Endpoint Protection

http://www.symantec.com/docs/TECH175220\

Hope that helps!!

This is what I'm looking for. I'd just used the wildcard for all ZTE CD Drive to be blocked.

Thanks,

Hi Mithun,

Your post is nice, 

Thank you for providing proper and simple solution..