How to block ethernet tethering by Endpoint Protection
search cancel

How to block ethernet tethering by Endpoint Protection

book

Article ID: 165194

calendar_today

Updated On:

Products

Endpoint Protection

Issue/Introduction

To prevent internal information run out or malicious code run in through tethered device, you want to block all ethernet tethering by using Endpoint Protection policy.

Resolution

  1. Register the Tethering NIC name and Using a "Firewall rule" to block the traffic go through the NIC.
    1. Verify Tethering NIC via DevViewer (https://support.symantec.com/en_US/article.TECH103401.html) eg: Apple Mobile Device Ethernet
    2. Register Tethering NIC on SEPM > Policy > Policy Components > Network Adapters > Add a Network service
    3. Go to Firewall policy >Add Rule > Block connection
    4. Click Adapter on the Rule, select More Adapters to choose Tethering NIC

 

  1. Using an "Device blocking rule" to disable the Tethering Device ID
    1. Verify Tethering Device ID via DevViewer (https://support.symantec.com/en_US/article.TECH103401.html)
    2. Register Tethering Device ID on SEPM > Policy > Policy Components > Hardware Devices > Add a Hardware Devices
    3. Go to Device Control policy >Add Rule under Blocked Devices > Add Tethering Device ID

 

Powered by Wolken Software