Hi Rob,
By default, the Symantec Endpoint Protection client enables Application Control and the rule that blocks autorun.inf. You can disable this rule through Symantec Endpoint Protection Manager, but at this time you cannot disable this rule through a policy in the cloud console.
I believe this to be true still. This is enabled by default, so you should not need to set anything up to block autorun.inf in ICDm/SES
------------------------------
John Owens
Strategic Support Engineer | Symantec Endpoint Security Division (SES)
Broadcom Software
------------------------------
Original Message:
Sent: 10-04-2021 03:21 PM
From: Robert Trimble
Subject: How to block autorun.inf with applicaiton control in SES
Hello,
I've seen the SEP documentation on how to block autorun.inf with application and device control and have been through the app control policy in SES - it's not the right policy to block the file from what I can tell. Can you advise on how one case create a policy in SES to block autorun.inf on any drive?
Thanks,
Rob Trimble
TD Synnex Support Services