Printer Protection - How to include specific Network printers in Group

We would like to block Network printers by default, but permit specific Network printers.  Is there a way to include specific Network printers in a Group?  The Network printers we want to allow are not connected to Windows print servers, so they don't match the "Corporate" PrinterConnectionId.

Here is out current configuration:

<Group id="{***}" Type="Device">
<Name>Allowed_Printers</Name>
<MatchType>MatchAny</MatchType>
<DescriptorIdList>
<PrinterConnectionId>Corporate</PrinterConnectionId> 
<PrinterConnectionId>File</PrinterConnectionId> 
</DescriptorIdList>
</Group>

Group id="{***}" Type="Device">
<Name>Blocked_Printers</Name>
<MatchType>MatchAny</MatchType>
<DescriptorIdList>
<PrinterConnectionId>USB</PrinterConnectionId> 
<PrinterConnectionId>Network</PrinterConnectionId> 
<PrinterConnectionId>Universal</PrinterConnectionId> 
<PrinterConnectionId>Custom</PrinterConnectionId> 
<PrinterConnectionId>Local</PrinterConnectionId> 
</DescriptorIdList>
</Group>

<PolicyRule Id="{***}">
<Name>Block_Unauthorized_Printers</Name>
<IncludedIdList>
<GroupId>{***}</GroupId> <!-- Include "Blocked_Printers" Group -->
</IncludedIdList>
<ExcludedIdList>
<GroupId>{***}</GroupId> <!-- Exclude "Allowed_Printers" Group -->
</ExcludedIdList>
<Entry Id="{***}">
<Type>Deny</Type> <!-- Deny "Blocked_Printers" Group -->
<Options>0</Options>
<AccessMask>64</AccessMask>
</Entry>
<Entry Id="{***}">
<Type>AuditDenied</Type> 
<Options>3</Options> 
<AccessMask>64</AccessMask>
</Entry>
</PolicyRule>