You create a Device Control rule set that blocks a type of interface, but that has an exception to allow a specific type of device. The device is still blocked. For example, if you block CD/DVD but allow SCSI, the result is that both IDE and SCSI CD-Roms are blocked.
This behavior is as designed. When there is an overlap between device types and interface methods, the most restrictive rule applies. If you allow a device but block its interface, or allow the interface but block the device, the device will be blocked.
The Administration Guide for Symantec Endpoint Protection and Symantec Network Access Control erroneously states that blocking a port or interface but allowing a specific device on it allows the device to work.
Imported Document Id
This is machine translated content
Login to Subscribe
Please login to set up your
For security reasons, your link to this document has expired. Please click on the attachment link to access this file.
The attachment that you are looking for no longer exists.
There has been an issue retrieving your attachment. Please try again.
Currently server is down.
Didn't find the article you were looking for? Try these resources.