Yes - use the first part of my message above
This part -
Exclude printers by going into application and device control under policies, hardware devices, and add a new hardware device.
Choose DEVICE ID and then paste in this value:
*USBPRINT\*
For device name, call it something like "Our USB Printers" for example.
OK, then add it to the not block, or exclude at the bottom of the device control policy - it's below the pane where you choose devices TO block.
That way all usb printers of any brand will be allowed or excluded. BE SURE TO PUT THAT IN THE LOWER PANE - the "Devices excluded from blocking" secion - "use this pane to manage the list of devices to which you want to allow access"
You must define as I've said above, then add that to the lower exclude section. You can block to your heart's content, but if you add that definition, and place it in the excluded section, then all USB printers regardless of brand or model will function.
I block *USBSTOR\Disk*
I exclude or allow *USBPRINT\*
You must include the * in the ID portion - that's not a typo - copy those exactly and leave the * in place.
Works like a charm for us - I block everything that has USB storage, and allow any and all UBS printers, regardless of make and model with those two simple definitions. That's literally as simple as it gets.
I don't use "CLASSES" of devices except bluetooth which we also block.