This discussion has been locked.

You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Device Control - Exempt single device only

Running Enterprise Conole v. 4.5.1.0

I have a Device Control Policy setup to block access to Floppy Drives. The software detects the devices on all workstations that the policy applies to. I see the devices being blocked uder the "Add Exemption" list.

I would like to use the option to "exempt device only" but it is greyed out. The only option I have is "all devices of this model"

Any suggestions would help!

Thank You!

This thread was automatically locked due to age.

0 QC over 13 years ago

Hello dv883,

built-in floppy drives have usually only a very generic identification, they not only have no unique identifier (which you'd need to exempt one device only) but also no model and thus exempting all devices of this model would practically mean all floppy drives.

May I ask what you are trying to do? Do you want to exempt the floppy drive on one (or a few) workstations?

Christian
:8429
Cancel
Vote Up 0 Vote Down

Cancel
0 dv883 over 13 years ago

Hi Christian
Thanks for the reply. What you said makes sense.
What my goal was is to block all floppy drive access, and then set 4-5 exceptions to allow. I also wanted to do the same with Optical Drive WRITE access. But from what I understand, unless a device has a unique indetifier I can not make that exception. And I am going to guess that the majority of floppy and optical devices do not have that unique identifier.
:8441
Cancel
Vote Up 0 Vote Down

Cancel
0 QC over 13 years ago

Correct. Sophos can use only the information available. If it thinks it can identify a device uniquely it will offer this option.

Christian
:8447
Cancel
Vote Up 0 Vote Down

Cancel