You can suppress device operations when the client's OS is one of the following:

• Windows 2000
• Windows Server 2003
• Windows XP
• Windows Vista
• Windows Server 2008
• Windows 7
• Windows Server 2012
• Windows 8

Operation suppression is not supported if the client's OS is Windows NT 4.0, Windows 98, or Windows Me.

• You may not be able to suppress the operation of devices that were connected before operation monitoring started, such as immediately following startup of the client PC.
• JP1/Software Distribution cannot be used concurrently with other products that limit the use of external media (such as Windows Group Policy or Active Directory Policy). If such a product and JP1/Software Distribution are used concurrently on the same client, JP1/Software Distribution's setting for suppressing external media operations might be modified by the other product. JP1/Software Distribution might also modify the setting of the other product.
• Operation suppression does not go into effect on devices that were connected before an operation monitoring policy was applied. To enable device operation suppression for these devices, you must restart the client PC.
• If you make any of the following modifications to the operation monitoring policy, restart the client PC:
  
  • Changing the setting from operation suppression to operation enabling
  • Changing the setting for an already-connected device to operation suppression
  • Enabling or disabling the setting that suppresses recording only
• If the OS of the client PC is Windows 2000, you cannot suppress operation of USB-connected hard disk and floppy disk drives that were connected before the user logged in.
• If you suppress a device for which the auto-playback function is enabled, an error message indicating auto-playback failure might be displayed.
• If an operation monitoring policy for suppressing the operation of a device is applied while that device is operating, the OS might display an error message.
• When a suppressed device is connected to the client PC for the first time, the OS might display an error message indicating a device driver installation failure.
• Devices such as USB scanners might be recognized as imaging devices even when they are USB-connected.
• You cannot suppress devices that cannot be recognized as USB storage devices, Bluetooth devices, or imaging devices even when they are USB-connected. You cannot exclude them from suppression, either.
• You cannot suppress only writing of data to DVD RAM.
• If you suppress only writing of data to a USB storage device equipped with an encryption function, reading of data from that device might also be disabled.
• To suppress only writing of data when the OS of the client PC is Windows Vista or later, you need to start Portable Device Enumerator service in the Services window (accessed by choosing Control Panel, Administrative Tools, and then Services).
• If a device that has multiple device instance IDs is connected, the dialog box showing its suppression status might be displayed multiple times for that single device.
• If driver installation is performed after a suppressed device is connected to the client PC for the first time, the dialog box indicating that device connection was suppressed might be displayed multiple times.
• When you suppress a USB-connected CD/DVD drive, the tray of the suppressed CD/DVD drive might open.
• When you connect a suppressed device to the client for the first time, you might not be able to install the device driver.
  In this case, no history of device connection, disconnection, and connection suppression is collected. The warning dialog box indicating device connection suppression is not displayed, either.
  
• When both of the following conditions are satisfied and a file is being copied to a USB-connected hard disk or floppy disk drive, operation of a USB storage device cannot be suppressed until file copying is completed:
  
  • The OS of the client PC is Windows 8, Windows Server 2012, Windows 7 or Windows Server 2008 R2.
  • An operation monitoring policy for suppressing the operation of a USB storage device is applied while file copying is being performed.
• If an operation monitoring policy is applied that excludes a specific USB storage device from suppression based on its friendly name, when that USB storage device is connected to the client PC for the first time, any device whose friendly name cannot be acquired might be suppressed. In this case, reconnect the USB storage device.
• If you suppress the operation of a device, the suppressed device is no longer recognized as a drive, and consequently you will not be able to collect that device's system information.
• If the auto-playback function is enabled in Windows settings, you cannot suppress the operation of USB-connected hard disk or floppy disk drives. To suppress the operation of these drives, disable the auto-playback function.
• If you suppress internal SD cards, the operation of the following devices is also suppressed:
  
  • Devices for which RIMMPTSK is displayed for Enumerator under the Details tab in the device's Properties dialog box (displayed by choosing from Administrative Tools, Computer Management, and then Device Manager)
• If you specify an operation monitoring policy that suppresses the operation of a device that is already connected, the suppression dialog box for that device might be displayed when you connect a different device to the client PC.
• Even when it is necessary to restart the client PC to enable an operation monitoring policy for suppressing operation, the suppression dialog box is displayed when the operation monitoring policy is set.
• When the OS of the client PC is Windows Vista or later, if you apply an operation monitoring policy that suppresses one or more devices, an error-level event log might be output.
  The following example shows the event log that is output when an internal CD/DVD is suppressed.
  

  Source: Service Control Manager Eventlog Provider Event ID: 7026 The following boot-start drive or system-start drive could not be loaded: cdrom

  Note that in Windows 7 and Windows Server 2008 R2, the source is Service Control Manager.
  
• If you suppress a Bluetooth device, the use of the mouse or keyboard connected using Bluetooth will also be suppressed.
• When you connect a Bluetooth device to a PC, the registry HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\USB\ (the Bluetooth device's hardware ID) is created. The device control facility treats a device as a Bluetooth device when the Class value in this registry is Bluetooth, BTW, or BTM. You can check the hardware ID from the OS's device manager. We have confirmed that the Bluetooth devices listed below can be suppressed.
  

  Manufacturer	Model No.
  Planex Communications	BT-Micro3E1X
  	BT-MicroEDR2X
  Logitech	LBT-UAN03C2BK
  	LBT-UAN01C1
  Corega	CG-BT2USB01CB
  	CG-BT2USB02CB
  Sanwa Supply	MM-BTUD26
  	MM-BTUD23
  Buffalo	BSHSBD04BK
  	BSHSBD02BK
  I-O Data	USB-BT21

• If the client's OS is Windows 8 or Windows Server 2012, dialog boxes related to device suppression appear on the desktop.
• If the client's OS is Windows 8 or Windows Server 2012, you cannot suppress operations on a USB storage device to which a storage pool is assigned.

Notes on suppressing device operations at an offline machine

Do not suppress the operation of the device that will be used to apply an operation monitoring policy or to collect operating information. If you suppress such a device, you will not be able to apply an operation monitoring policy or collect operating information.

Notes on virtual environments

• When an operation monitoring policy for suppressing device operations is applied to a virtual environment, a warning dialog box indicating that the connection of the device has been suppressed is displayed only to users connected to a console session. If no users are connected to a console session, the warning dialog box is not displayed.
• If both of the following conditions are satisfied, operation of the redirected drive cannot be suppressed even if a security policy for suppressing devices has been applied to the terminal server:
  
  1. A security policy for suppressing device operations has not been applied to a PC remotely connected to the terminal server.
  2. The drive connected to the PC in condition 1 is set to be used by the terminal server.
  To suppress such a drive, disable redirection on the terminal server side. However, making this setting will disable redirection for all drives. The procedure for disabling redirection for a terminal server in Windows Server 2012 or Windows Server 2008 is as follows.
  
  • For Windows Server 2008:
  1. From Windows Terminal Service Configuration, open the RDP-Tcp property.
  2. Under the Client Settings tab, select Drive in Redirection.
  • For Windows Server 2008 R2:
  1. From Windows Remote Desktop Session Host Configuration, open the RDP-Tcp property.
  2. Under the Client Settings tab, select Drive in Redirection.
  • For Windows Server 2012:
  1. In Windows Local Group Policy Editor, choose Device and Resource Redirection (Computer configuration - Administrative Templates - Windows Components - Remote Desktop Services - Remote Desktop Session Host)
  2. Enable Do not allow drive redirection.

Notes on upgrading JP1/Software Distribution from versions between 08-51 and 09-00 inclusive to version 09-50 or later

An operation monitoring policy for suppressing external media operation is not applied to clients whose version is 09-50 or later. You need to specify an operation monitoring policy for suppressing device operation.

However, an operation monitoring policy for suppressing external media operations is applied when the following two conditions are satisfied:

• No operation monitoring policy that was edited following an upgrade has ever been applied.
• An operation monitoring policy that suppresses the operation of pre-upgrade external media is applied without being edited.