Endpoint Protection

 View Only

How to block users to perform download of files with specific extentions using Application and Device Control. 

Apr 02, 2012 12:51 PM

Solution:

Here are the Steps to try:

1. Log in to the Symantec Endpoint Protection Manager (SEPM).
2. Click on Policies.
3. Click on Application and Device Control.
4. Under Tasks, click on Add an Application and Device Control Policy.
5. On the top left click on Application Control.
6. Click on the Add... button.
7. Type a name for the Rule
8. Click on the Add... button on the bottom right "Apply this rule to the Following processes".
9. Type a name of the browsers processes that will not to able to download the file. Example: IEXPLORE.EXE (Can you add more than one process)
 
 
 
10. Click Ok.
11. Click on the Add... button on the bottom left under Rules.
12. Select Add Condition.
13. Select File and Folder Access Attempts.
14. Click on the Add... button on the right next to "Apply this rule to the Following files and folders".
15. On File or Folder Name to Match, type "*.extention". Example: " *.exe "  (without quotes) (Can you add more than one extention or file)
 
 
 
 
16. Click Ok.
17 . On Actions Tab in Read Attempt and Create, Delete, or Write Attempt select "Block Access"
Optional: Can you Check Notify User for example "Is not permited download executable files, contact the administrator"
 
 
 
 
16. Click Ok.
17 . Set to Production
18. Click Ok.
18. Click Yes to assign the policy.
19. Check the boxes for any group that the policy should be applied to.

20. Click OK

 

Please NOTE: Network Threat Protection feature is required to be installed on the machines carrying SEP 11.x, where as it is an optional, incase of SEP 12.1 clients.

 

You could also try:

Hardening Symantec Endpoint Protection (SEP) with an Application and Device Control Policy to increase security

http://www.symantec.com/docs/TECH132337

Hope that helps!!

Statistics
0 Favorited
9 Views
0 Files
0 Shares
0 Downloads

Tags and Keywords

Comments

Aug 03, 2017 08:21 AM

Hello,

How can we exempt any application to download

Aug 03, 2017 08:17 AM

Hello,

How can we exempt any application to download

Mar 20, 2015 05:35 PM

I called symantec support center by the phone. I applied these rule but it is not working. Tecnical support person remote connect to our sep server. They didnt see any mistake on the policy. They said that we dont support from explorer and chrome  block .exe .com file.

 

So we can not block users to perform download of files with specific extentions using Application and Device Control. Symantec not supporting this service. :(

 

Apr 25, 2012 10:53 AM

Very useful, thank you -- thumbs up!

However, are you sure it's possible to add more than one process or extension in one row? Doesn't work here.

Apr 06, 2012 11:20 PM

good to see block the application download

vote up !!!!

Apr 06, 2012 11:47 AM

This is the first thing, I will be performing on my network.

Thank you.

Apr 03, 2012 11:15 PM

Helpful docs.

yes

Apr 03, 2012 11:13 PM

We are using SEP 12.1 only, so it is not required to install full protection?

Apr 03, 2012 08:31 AM

Hello,

NOTE: Network Threat Protection feature is required to be installed on the machines carrying SEP 11.x, where as it is an optional, incase of SEP 12.1 clients.

Apr 03, 2012 05:00 AM

Useful article, but one doubt this option will work only if we install full protection on the clients?

Related Entries and Links

No Related Resource entered.