How to a block Network Printing when using Symantec Endpoint Protection Manager (SEPM)?
If the above method fails to resolve the issue and block desired printers, try the following steps to completely block the Print Spooler service.
This rule blocks discovery of network printers. It may not block printing to a device that is already known to the system.
If you are trying to block printing to printers that use Internet Printing Protocol (IPP) you can do this with a rule blocking port 80 (TCP and UDP) on private networks. This should be carefully tested before implementation, however, as port 80 is used for many services.
The alternate method completely blocks all printing services, including network, local and virtual printers.