Endpoint Protection Application and Device Control Policies explained

Article ID: 151479

Products

Endpoint Protection

Issue/Introduction

This document provides detailed information on settings available in the Application and Device Control (ADC) policy for Symantec Endpoint Protection (SEP).

Environment

Symantec Endpoint Protection Manager (SEPM)

Resolution

Application Control

Application Control rule sets list

Use this page to view and manage Application Control (AC) rule sets for the selected Application and Device Control Policy. An application control rule set contains the rule conditions that monitor specified files, folders, and processes. Create or modify a collection of rules for the selected policy.

Application Control rule sets configuration options

| Option | Description |
| --- | --- |
| Enabled | Defines whether this rule set is in use. Disabled rule sets are not evaluated. |
| Rule Sets | The name of the rule set. A single policy can contain multiple rule sets. |
| Test/Production | Defines whether this collection of rules is in Test (log only) mode or in Production mode. Rule sets in Test mode will not block, but will log events based on the configuration of the rules. |

Note: The SEPM comes with several AC rule sets that can be used as templates to secure an environment against certain types of threats. The rule sets available will depend on which version of SEPM is installed.

Add Application Control rule set

Use this dialog to configure options for a collection of rules in an Application Control policy. These rules make up the rule set.

Device Control

Add or delete devices to block or exclude from blocking.

Note: The list in the Devices Excluded From Blocking table does NOT show all of the allowed devices. This list shows the exceptions to the Blocked Devices list.

Device blocking options

| Group or option | Description |
| --- | --- |
| Device Name | The name of the device that is blocked or excluded from blocking. Add or delete devices from this list. |
| Identification | The ID of the device that is blocked or excluded from blocking. |
| Log blocked devices | When this option is enabled, an entry is added to the security log whenever a device is blocked. This option is enabled by default. |
| Notify users when devices are blocked | When this option is enabled, a message is displayed on the client indicating when devices are blocked or unblocked. If this option is enabled, click Specify Message Text to create the message. This option is disabled by default. |

Additional Information

About Application and Device Control policies in Endpoint Protection

The structure of an Application Control and Device Control policy