I need a solution

Hello all,

Due to recent events at our facility, I’m in the process of determining the best way to block thumb and disk from being accessible. Unfortunately there is a third type of that needs to be allowed, which is a USB dongle that contains licensing information for different pieces of for devices. Looking through , there are three options that kind of apply to me:

USB (Class 36fc9e60…)
Disk Drives (Class: 4d36e967…)
The Device ID of this specific device.

Previously while testing on two different operating systems (Windows 7, Windows 10… soon Windows XP), we have had mixed results between the devices. The USB class was set as blocked, and did prohibit both USB thumb drives and portable hard drives from being used. We did have an instance where eventually a keyboard / mouse didn’t work, so I added Human Interface Devices to be allowed, and that resolved the issue on one Windows 7 computer (no others had this problem).

While testing this USB Dongle, it worked by default on the Windows 7 machine however on my Windows 10 machine it was blocked. Ok, makes sense, it shares the same GUID as USB. I thought about adding Disk Drives as a blocked device, and allowing USB instead… but the thing that scares me is I see standard internal hard drives as having the same GUID.

How does ADC work when it comes to choosing what devices would be allowed, and what wouldn’t? How would ADC not cause issues by blocking an already installed hard drive on a machine? Also, if we blocked USB however added individual Device ID’s for each USB dongle we come across, would that take priority over the USB blocking?



Source link https://www.symantec.com/connect/forums/adc-device-control-question-regarding-usb-drives-disks-and-usb-license-dongles


Please enter your comment!
Please enter your name here