Lately I was working with DLP, for pendrives and RW CD/DVD works great, but with smartphones, especially with those that work with Android OS I have too much troubles, with apple products there's an specific ID and vendor ID, so I put them all, all apple devices (Iphone, Ipad) are blocked. Now with Android devices there is a lot of troubles, first I used this link: https://kc.mcafee.com/corporate/index?page=content&id=KB73171 for some devices worked well, but others devices just pass the rule, then I tried to put the ID and vendor ID, once again worked for some devices and not for others, those were chinese version of samsung and another unknown models. My question is, How can I block the usb port for all kind of devices? because if I have to put every Vendor ID and ID model, I never will end, new models arrive and sometimes it is impossible to control all the personal into an institution, I can't go and just said "don't bring your non corporate device to work!". How can I configure for an massive control instead item by item control?
That's correct. As far as the PID and VID for apple is concerned, it's going to be very specific. The VID is always going to be the same (Apple) and the PID will only be a handful of items (each iPhone/iPad/iEtc device has its own). For Android devices, the VID will be any Vendor that makes the phone (Samsung, HTC, LG just to name a few) and each will have different PIDs for the devices they put out. Some even having different PIDs for different carriers.
Perhaps you should create a more general rule for blocking devices and just exclude your approved devices instead?
Tony is correct. You will need to declare the items as you find necessary. The above list helps you with Apple devices.
Here is a free utility that will help you determine the VID or PID http://www.nirsoft.net/utils/usb_devices_view.html
HOpe that helps.
Not sure if you're able to achieve this. I have similar issue and this is how I'm able to overcome mine
I Blocked All USB devices and Allow Encrypted Devices only. As a result of this all USB access will get access denied and if access is required they will click on request bypass and all Approved Encrypted USB go Scott free!
All portable devices - No Access, No Charging, No Read Only!
Hopes this help and good luck