Using an imported device control policy, you may find devices in your allow list are not being allowed, or devices that are set to block are not being blocked as expected.
SES hybrid. Imported device control policy from an on-premises SEPM.
SEPM policies are ordered and processed differently than SES cloud policies.
In SES cloud, ordering is important. A block policy placed above an allow policy is processed before the allow policy, and vice versa.
Imported policies are not re-ordered automatically. If a block rule is added before an allow rule of the same type, it can conflict with expected behavior.
This is a known issue and Broadcom is working to resolve it.
Delete and re-add all your block rules. This automatically reorders them into the optimal order. This should resolve the issue, and device blocking should work as expected.
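The ordering conflict described above can be modelled offline to audit a rule list before and after reordering. This is an added example, not Broadcom code or the SES policy format. It assumes first-match evaluation, a `*` wildcard in device ID patterns, and a default of allow when nothing matches; the `Rule` type, both functions and all device IDs are constructed for illustration.

```python
from fnmatch import fnmatchcase
from typing import NamedTuple


class Rule(NamedTuple):
    action: str   # "allow" or "block"
    pattern: str  # device ID pattern; '*' wildcard is an assumed syntax


def evaluate(rules, device_id, default="allow"):
    """Return the action of the first rule that matches (assumed semantics)."""
    for rule in rules:
        if fnmatchcase(device_id.upper(), rule.pattern.upper()):
            return rule.action
    return default  # assumed default when no rule matches


def shadowed(rules):
    """Find rules that can never take effect because an earlier rule with the
    opposite action already covers every device their pattern matches."""
    hits = []
    for j, later in enumerate(rules):
        for earlier in rules[:j]:
            # If the earlier pattern matches the later pattern taken as a
            # literal string, it also matches everything the later one does.
            covers = fnmatchcase(later.pattern.upper(), earlier.pattern.upper())
            if earlier.action != later.action and covers:
                hits.append((earlier, later))
                break
    return hits


# Constructed sample: order as it might arrive from an imported policy.
IMPORTED = [
    Rule("block", "USBSTOR\\*"),
    Rule("allow", "USBSTOR\\DISK&VEN_EXAMPLE&PROD_KEY*"),
]
# Same rules with the allow rule first, for comparison.
ALLOW_FIRST = [IMPORTED[1], IMPORTED[0]]
DEVICE = "USBSTOR\\DISK&VEN_EXAMPLE&PROD_KEY&REV_1.00\\0001"

if __name__ == "__main__":
    for name, rules in (("imported", IMPORTED), ("allow first", ALLOW_FIRST)):
        print(name, "->", evaluate(rules, DEVICE))
        for earlier, later in shadowed(rules):
            print(f"  {later.action} {later.pattern!r} is shadowed by "
                  f"{earlier.action} {earlier.pattern!r}")
```
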