SES may have this as a built in rule that cannot be edited. May want to open a support case to get confirmation on that.
------------------------------
John Owens
Principal Product Support
Symantec
United States
------------------------------
Original Message:
Sent: 05-14-2020 10:48 AM
From: Ieva Auziņa
Subject: Blocks autorun.inf
Hi,
There is no such policy as Application control
Original Message:
Sent: 05-14-2020 10:36 AM
From: John Owens
Subject: Blocks autorun.inf
I believe this is in the Application Control rules, not Device Control. Have you checked there?
------------------------------
John Owens
Principal Product Support
Symantec
United States
Original Message:
Sent: 05-14-2020 09:38 AM
From: Ieva Auziņa
Subject: Blocks autorun.inf
Im managing endpoint security in SEP Cloud (https://sep.securitycloud.symantec.com/) and seems autorun.inf is blocked by following message "The process explorer.exe was blocked from modifying D:\autorun.inf"
It refers to rule "Autorun.inf_Read File" which is in Device Control policy. However, only option is to allow certain devices, not exactly modifying autorun rule.
Any suggestions / best practices how to avoid it?