Control Compliance Suite

  • Private Community
 View Only

  • 1.  Need to Block External SCSI Drives

    Posted Nov 06, 2019 04:59 AM

    HI,

    I need to block block external SCSI drives using SEP device control policy.

    i have tried to block but External & Internal Class ID's were same in SEP predefined category (Disk Drives

    If i block disk drives category, all internal HDD also got blocked. Is there any option to block this channel

     

    Regards,

    Chandrasekhar



  • 2.  RE: Need to Block External SCSI Drives

    Trusted Advisor
    Posted Nov 06, 2019 04:03 PM

    This is a tricky one... it's a case of trial and error until you get it working.

    See arctile on ADC - https://support.symantec.com/us/en/article.tech175220.html - if you have not seen it yet.



  • 3.  RE: Need to Block External SCSI Drives

    Posted Nov 07, 2019 04:46 AM

    As Tony states, this is an awkard one because of how devices are registered within Windows.  Windows Class GUID is not your only option though, and devices can be matched by Device ID as well...

    https://docs.microsoft.com/en-us/windows-hardware/drivers/install/identifiers-for-scsi-devices

    The above MS article gives a few examples of the types of SCSI devices that can be identified by Windows' SCSI Port drivers, as well as an example of one for a disk drive.  If you specifically want to block only SCSI Disk Drives, then you may want to try the below Device ID:

    SCSI\Disk*

    This is not exhaustive however, so you will need to perform thorough testing.



  • 4.  RE: Need to Block External SCSI Drives

    Posted Nov 07, 2019 05:05 AM

    There are USB 3.0 External/Internal HDD also showing same class ID. If we block this class ID, internal HDD also will block. or If we proceed with Device ID, it is verfy difficult to add all internal drive ID's in allow list in big environement.