Thread Info
  • State Verified Answer
  • Locked Locked
  • Replies 4 replies
  • Subscribers 2 subscribers
  • Views 2241 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Device Control exemptions

Dan Petford

Hi

When using the Sophos Enterprise Console to exempt devices, i.e External USB HDD's, when selecting the 'This Device Only' option, it allows you to put a comment.

However if you get more than one device with the same Model & Device ID, it overwrites the previous entry, this makes it difficult to find out whose device it is as we put the comment as the user.

I would have thought that selecting the 'All devices with this model ID' would have had the above outcome, hence selecting 'This Device Only'.

Kind regards, Dan Petford



This thread was automatically locked due to age.
  • 0

    Hi

    When using the Sophos Enterprise Console to exempt devices, i.e External USB HDD's, when selecting the 'This Device Only' option, it allows you to put a comment.

    However if you get more than one device with the same Model & Device ID, it overwrites the previous entry, this makes it difficult to find out whose device it is as we put the comment as the user.

    I would have thought that selecting the 'All devices with this model ID' would have had the above outcome, hence selecting 'This Device Only'.

    Kind regards, Dan Petford

  • 0

    Hello Dan Petford,

    [this was in the wrong forum - I've joined it]

    In many cases the Device ID isn't more specific than the Model ID and in most cases the Device ID isn't unique (e.g. containing the S/N). Thus you can't identify a particular device - and therefore whose device it is. At most you could associate a list of users with an unknown number of alike devices.

    it overwrites the previous entry
    I don't quite get what you mean ... if you try to exempt a device with the same Model & Device ID as an already exempted one the comment field is populated with the existing comment. So who/what overwrites where?

    Christian

  • 0 in reply to QC

    Thanks Christian, I have joined that forum now.

    Thanks for the information, as for the overwriting of previous entry, I wanted to be able to know whose device is whose by exempting 'This device only' and then labelling the comment as whose the device is.

    But looking at you say this can't be done, as yes you are correct it populates the field with the previous name that;'s associated with the Model/Device ID.

    With the above happening, it means anyone with that same id can use it?

  • +1 in reply to Dan Petford

    Hello Dan Petford,

    with SEC you can assign policies only to computers (or rather, groups of computers), not users (Central does permit user-specific policies). The exemption is applied on all computers (regardless of the user) that have a policy assigned that contains this exemption. Furthermore, all devices that present the same Model/Device ID are exempted (naturally, I'd say, as they can't be discerned from the POV of Device Control).

    Christian

Unfiltered HTML