Forum Discussion
Block USB Drive by Serial Number
I would love to see the ability to block a USB drive by it's serial number in Defender. When you see a USB storage device as the origin of a new threat introduced on the network it would be great ...
Hello mikhailf,
Thank you for the reply. In the article Block USB in Microsoft Defender for Endpoint and Intune - Microsoft Community Hub they are creating 2 "group" XML files and 1 "policy" XML file."
* The first group is the Group XML that will specify the type of mass storage.
* The second group it to modify the XML file for your approved USB list. - Why is this needed, I want to approve all besides the ones I want to block with serial number?
* The third file which is the policy file
Br,
Robar
This is only an example.
Based on the second link you can build another policy: Specify the type of mass storage, create a group with blocked USBs, and for that group configure the access (Block in your case).
Based on the second link you can build another policy: Specify the type of mass storage, create a group with blocked USBs, and for that group configure the access (Block in your case).