Is there someone who can explain why these device can pass thru USB restriction when all devices are already blocked? The SD card reader has a slot for micro SD card and it wasn't detect or even blocked.
Any idea or help on this? Thanks
Depends on how you setup the device definitions. How are your device definitions set up?
Device definitiion is defined as blocked all USB devices using Bus Type and select USB.
Is there something we miss on the definition?
Thats the problem. Almost all the built in memory card readers use the PCMCIA/PCI buses or some other bus depending on the motherboard. Use the File System Type based Device Definition. This definition does not care about what bus a device connects via and instead matches devices based on their file system.
Thanks for the response Vimanalvis. I got the restriction working when I addedd up SCSI on device parameter option instead of selecting only USB.
Glad to have it working now. Thank you very much for the help
I do not recommend using Bus Type because not only Removable Storage Devices, but also other important peripherals connect to the various System Buses. It is typically OK when using Read-Only reaction, but if you are going to use Block reaction, do not use the Bus Type definition and instead use the File System based definition.
Thanks for giving this useful recommendation. I made a new device definition which focuses on compatible ID of SD card slot for each machine (e.g. Lenovo and Dell). Previously read on other discussion how to define this device rule.