what is correct way to set priority rule (prepend-replace-append) of a policy for device control when applied multiple times

[sanjay mehta 5]

to the "all" group, we have applied the device control - max security (default preconfigured policy), so that by default all devices are blocked. here the rule "replace" is set for both the merged list & local list.

then to a particular computer x, in a subgroup, we apply another policy to allow USB access to a particular iphone data with all device parameters like vendor name,  model & serial no. configured from the populated list. here the rule for priority is set to "prepend" for both the merged & local lists.

the net result of this used to be that while all devices were blocked for entire organisation, for this particular computer x, only the iphone access was allowed & other devices continued to be blocked. to my knowledge this was working correctly till one day when x was formatted & a new OS win 11 installed. now the net result of the above policies is that while the iphone access is allowed, but all other device access is also allowed which is not the desired outcome.

please suggest what am i doing wrong here.

[Marcos 4,935]

For more information on rules how policies are applied, please refer to https://help.eset.com/protect_cloud/en-US/admin_pol_enumerating_policies.html?admin_pol_how_policies_are_applied.html. Should you need further information, please raise a support ticket.