I am testing DLP managed from ePO for Company-wide rollout, but am unable to get our corporate memory sticks working. They have an exe file that unlocks the encrypted portion, but DLP is blocking execution of this file and the stick is blocked at this point.
Our corporate encrypted USB sticks are in the whitelisted plug and play device definitions. I have also added the .exe name in the Application Definitions with Trusted Strategy and it's also a Whitelisted Application.
It depends on the make/model of the stick. From previous experience some encrypted USB sticks appear as a CDROM then you use the software on the virtual CD to load the encryted partition which appears as a disk drive.
So my first thought is that the CDROM part is blocked or made Read-Only?
Global Support Engineering Operations
That's right re read only partition in CDFS and running the exe should enable the encrypted partition. DLP is blocking the device after the exe is run.
I have logged a SR (4-4352049397) with McAfee, but we're having problems with DLP event not getting to ePO so they'll help with that too. Output from the MER Tool has been uploaded.
If you are using Removable Storage Device Definition, the Whitelisted Plug and Play device definition wouldn't make any difference.
To me it seems like the way you have defined the rules, the virtual CD/DVD portion of the drive is being made read-only. You would want to modify the rule to exclude those drives.