Endpoint Protection

I have the policy of USB Blockage where I have added the Human Interface and WebCam in Exception.

So pls confirm me with this id can we able to access the internal/external WebCam.

Hello,

I would suggest you checking this Article:

https://www-secure.symantec.com/connect/articles/how-block-or-allow-devices-symantec-endpoint-protection

Hope that helps!!

Hi mithun,

thanks for the link but can you just clear me my point because I need to revert somone.

i have updated the  Class: {6bdd1fc6-810f-11d0-bec7-08002be2092f} in Exception.

Is this calss id for both internal and external image device?

Imaging Devices (Scanners, Digital Cameras, etc)  Class: {6bdd1fc6-810f-11d0-bec7-08002be2092f}

check this link

http://support.microsoft.com/kb/929087

Hello,

I am afraid, it is not.

Apologize, It seems you have not read the above article provided properly.

It states, "For a list of Class IDs you can click here." and this link directs to 

http://msdn.microsoft.com/en-us/library/windows/hardware/ff553426%28v=vs.85%29.aspx

However, You need to exclude the Device ID or Class ID of the webcam (internal / external). You may use the DevViewer.exe tool from the SEP Manager setup CD (Under Tools folder) to copy those IDs to clipboard.

However, the important point is that you'll confront with things like that in the future. If all you want to do is block all USB storage, I'd suggest you to create a new Device ID under Policy Components -> Hardware Devices with this ID: USBSTOR*

You can use wild cards like * (star) in those fields. And all usb storage device IDs start with USBSTOR tag. That way you will not need to block whole USB class which will always lead problems.

In addition, in the future you'll see that some USB hard drives do not go under USB class and do not get blocked. So you'll have to use this method anyway.

How Symantec Endpoint Protection Device Control processes Windows device GUIDs and device IDs.

http://www.symantec.com/docs/HOWTO60964

DevViewer - a tool for finding hardware device ID for Device Blocking in Symantec Endpoint Protection

http://www.symantec.com/docs/TECH103401

Hope that helps!!

Check this link,

http://msdn.microsoft.com/en-us/library/windows/hardware/ff553426%28v=vs.85%29.aspx

Both will work with the same Class Id but if any other fetaure available in the same Web Cam then it require to add the device id of that feature in Exception for Acess.

For the Exception of other feature use the dev viewer tool

http://www.symantec.com/docs/TECH103401

I have created one policy as use my personal webcam. So rename this as a dat and update in to your server or try as same process

Attachment(s)

webcam.txt   11 KB 1 version

I will try this attach

I have try this policy, it's working. Thanks for sharing