Add Manual Exemptions and Use of Wildcards into Device Control for Removable Devices
On Device Control you can only add devices that are in the Add Exempt List but what if you have a company with thousands of devices could we not add a wildcard for devices ?
We have one customer who wants to enable all webcams but block most mobiles ( both shown as MTP/PTP ) so they can't allow all these. Allowing webcams by model (rather than ID) also doesn't work as integrated webcams even on similar laptops are recognised as different models so each model has to be excepted individually. Its where less granularity is needed - ie: if a device is an integrated webcam, allow it . We don't care what model / device ID it is.
Troy Beckett commented
I'm surprised there are not more votes for this suggestion. In Symantec Endpoint Projection you have the ability to do this. For example, let's say you want to allow Bluetooth connections but do not want to allow for Bluetooth file transfer, you could add the following device ID blocking for MS Windows:
This would block both the RFComm protocol as well as the Personal Area Network. The ability to add wildcards extend far beyond this example and something the competitors are already doing.