meesenbh Absent Member.
Absent Member.

USB connectivity policy not working on 1st connect of device


I have an problem concerning my USB connectivity policy. My endpoint zone is blocking all USB devices. Users do have access for known USB devices (USB storage devices) I have put into another USB connectivity policy which is attached to the User objects. In general everything is working fine, unknown devices are blocked and registered devices are allowed.

But I have weird behavior when a new,unknown USB device is connected the very first time. Then Windows starts detecting it, installs the driver but does NOT deactivate them. The device is displayed and accessible through the Windows Explorer. It seems something is blocking the Endpoint agent from deactivating it. Windows Autoplay and Autorun Function already HAS BEEN disabled. No Antivirus is installed on that system.

The ZES log files contain many of these messages:
""USB-Massenspeichergerät"(USB\VID_0781&PID_5151\0775131B33009E3D) failed
[09.04.2012 10:45:19.692][14] Component: Always: ZES Component Manager: Reboot Requested by: Device Watcher (Suppressed)"

Same behavior i had when Autoplay was still active: Once the Windows Autoplay did automatically open a folder or file on a new stick, the Endpoint agent was unable to deactivate the device. This seems not to be a very reliable method to block devices...!

When I disconnect and insert the device again, everything is fine (blocked). Problem only appears on very first use of a device!

My questions:

Can I somehow prevent that Windows displays new devices in the Windows Explorer before they are blocked? I would prefer that they FIRST are evaluated and THEN will be accessible for the User?

Is there another place in ZCC (except by adding USB connectivity policies to the zone) forcing the endpoint agent to block devices?
Labels (2)
1 Reply
bbeachem Absent Member.
Absent Member.

Re: USB connectivity policy not working on 1st connect of de

What version are you using? If you're not using the latest 11.2.1 MU1, then please upgrade.
For autoplay, you can block this with a policy setting as well (disable autorun and/or autoplay).
The opinions expressed above are the personal opinions of the authors, not of Micro Focus. By using this site, you accept the Terms of Use and Rules of Participation. Certain versions of content ("Material") accessible here may contain branding from Hewlett-Packard Company (now HP Inc.) and Hewlett Packard Enterprise Company. As of September 1, 2017, the Material is now offered by Micro Focus, a separately owned and operated company. Any reference to the HP and Hewlett Packard Enterprise/HPE marks is historical in nature, and the HP and Hewlett Packard Enterprise/HPE marks are the property of their respective owners.