My network is running ePO V4.0 with DLP V188.8.131.52
I've been through a basic training course for HBSS and we went over how to allow specific USB devices, but I don't seem to be putting in the information correctly because I can't get it to work.
My desired outcome would be all, but approved, USB devices would be blocked and deny access. I think it may be how I enter the serial number for the device itself.
I have a definition made for specific Approved USB Devices. Under USB Device Serial Number, I have tried 1110250021E3&0 as it appears in my registry, 1110250021E30, and 16A0CD8B as it appears in msinfo32.
I have another definiton - Bus Type: USB - Block On/Off, Monitor On/Off, Notify On/Off
Under Device Rule, my rule has Bus Type: USB - Block On/Off, Monitor On/Off, Notify On/Off is checked for Include, and my Approved device definition for Exclude.
When I plug in the aprroved device, I still recieve the Pop-Up message stating the device is blocked, and access to the drive is denied.
Also, I am making sure the policy is applied, and the machine I am testing on has the new policy.
Can anyone provide me some info as to what I may be doing wrong, or maybe an example of a working setup I may reference?
The installation guide suggests running in a monitor only mode during initial deployment so you can do as virgona suggests: collect the device information from the monitor and use that to build your excluded device list without impacting the environment.