Device Control

For each type of policy, you can create a hardware device control list. This list contains a list of blocked devices and a list of devices that are excluded from blocking.
The list does not show all of the allowed devices. This list only displays the exceptions to the
Blocked Devices
Symantec recommends that you do NOT select ports or network adapters as devices to be blocked. If you select those devices, clients with this policy applied lose all network connectivity.
Device blocking options
Group or option
Device Name
The name of the device that is blocked or excluded from blocking. You can add or delete devices from this list.
The identifier of the device that is blocked or excluded from blocking. The identifier can be either the class ID or the device ID.
Log detected devices
Adds an entry to the security log whenever Device Control blocks a device, or when a device is detected that is excluded from blocking. This option is enabled by default.
Notify users when devices are blocked or unblocked
Sends a notification to client computers when a blocked device is connected or starts up. This option is disabled by default.
Use the
Specify Message Text
option to create a custom message that appears in the notification. The operating system of the client computer limits the amount of text that can appear in the notification. To avoid the truncation of the notification text, you should use no more than 120 characters in the message.