SESC Device control policy devices being blocked despite allowed rules
search cancel

SESC Device control policy devices being blocked despite allowed rules

book

Article ID: 252408

calendar_today

Updated On:

Products

Endpoint Security Complete

Issue/Introduction

SESC offers Device Control Policy to block and allow devices based on the Device ID. For example you can create a policy to block all devices that contain USB storage component by adding a rule with block verdict for any Device ID starting with USBSTOR* and then create allow rules for a few devices with specific IDs only.

Based on this logic, you created a Block Rule for USBSTOR* followed with Allow Rules for a few devices that needs to be enabled.

The expectation is that: all devices from Allow Rule would work.

The result is that:  all devices are blocked despite being allowed by explicit Allow Device rules.

Cause

Policy downloaded by the client is faulty.

Resolution

Broadcom is investigating the issue. An further updates will be provided in this article.

Possible workaround based on the given example:

- Remove the USBSTOR* Block Rule and save your policy.

- Add the Allow Rule to the policy and save your policy.

- Add again the Block Rule USBSTOR* and save your policy.

This would workaround the issue. If you will have another Device to allow, the same operation has to be followed. Remove the Block rule, add the allow device rule, then add the Block rule back.

This is not exclusive to USB storage, but applies to all other Devices as well such as USBVID*, etc.

Additional Information

CRE-11286