Block Bluetooth file transfer in Endpoint Protection
search cancel

Block Bluetooth file transfer in Endpoint Protection

book

Article ID: 367078

calendar_today

Updated On:

Products

Endpoint Security Endpoint Security Complete

Issue/Introduction

How can I block Bluetooth file transfers in Symantec Endpoint Security  

Resolution

  1. In the Console go to the Policies page
  2. In the 'Policy Type' section select 'Custom Application Behavior'
  3. Select the Policy that applies to the desired computers or create a new policy
  4. In the policy click the 'Add Rule Set' button in the middle on the right-hand side.
    1. On the 'Add Rule Set' page, Enter a 'RULE SET NAME*' and optional 'DESCRIPTION'
    2. Click the 'Add Rule' button on the right-hand side
      1. On the 'Add Rule' page for 'Define Applications', Enter a 'RULE NAME*' and optional 'DESCRIPTION'
      2. Click the 'Add Application' button on the right-hand side
        1. On the 'Add Application' page, In the 'NAME APPLICATION TO MATCH*' field enter an Asterix (*)
        2. In the 'Only match applications running from the following drive types' section, make sure that only 'Only match applications running on the following device id type' is selected
        3. Enter the desired value. Example: BTH\MS_RFCOMM\*
        4. Click 'Save Included Application'
      3. Click 'Next'
    3. On the 'Add Rule' page for 'Behaviors and Actions'
    4. In the 'Behaviors and Actions' list make sure 'File and Folder Access Attempts' is selected
    5. Click the 'Add Condition' button on the right-hand side
      1. On the 'Add Condition : File and Folder Access Attempts' page, enter a 'NAME*' and optional 'DESCRIPTION'
      2. Make sure the 'Enable this condition' checkbox is selected
      3. Click the 'Add Files and Folders' button on the right-hand side
        1. On the 'Add File and Folder Define' page, In the 'File or Folder Name to Match*' field enter an asterix (*)
        2. In the 'Only match files running from the following drive types' section select 'Only match applications running on the following device id type'
          and enter the desired value.  Example: BTH\MS_RFCOMM\*
        3. Click 'Save file or Folder Definition'
      4. Click 'Next'
    6. On the 'Edit Condition : File and Folder Access Attempts' page, select the desired action.  Example:  'Block Access' for both.
    7. Click 'Save Condition'
  5. Click 'Next'
  6. Click 'OK'
  7. Make sure the rule is Enabled
  8. Click 'Save' on the policy page