cancel
Showing results for 
Search instead for 
Did you mean: 
Highlighted
alanm
Not applicable
Report Inappropriate Content
Message 1 of 3

Creating a rule to allow CD\DVD\ROM access.

I am trying to tweak an existing rule to allow a certain group access to their cd\rom when they logon and deny all others.

I am using DLP 9.1.0.522

The events come in with the information showing the drive has been blocked, even for those I want to be able to access.

I have tried entering the information from this event to allow access, without success.

ie :

Event Generated Time (Endpoint):   3/30/2011 2:35:08 PM

Event Generated Time (UTC):   3/30/2011 7:35:08 PM

User Name:  

Computer Name:   KFNBMOBILE18

Associated Rules:   Executive Block Removeable Mass Storage except CD

Agent Action(s):   Block, Monitor, Notify User

Agent Version:   9.1.0.522

Policy Name:   DLP Security Policy

Policy Time (UTC):   3/30/2011 7:20:18 PM

Connection State:   Online

Device Class GUID:   4D36E965-E325-11CE-BFC1-08002BE10318

Device Class Name:   DVD/CD-ROM drives

Device Name:   HL-DT-ST DVD-ROM DU10N

Device Compatible ID:   GenCdRom

Device Instance ID:   IDE\CDROMHL-DT-ST_DVD-ROM_DU10N__________________1.05____\4&3341A3E&0&0.1.0

Bus Type:   IDE

Device File-System Access:   Read - Only

Volume Label:   CD1

Volume Serial Number:   249E-FCDF

Device File System Type:   CDFS

I did not see a way to add the device class GUID or the device serial number.

I have added the class name, device name, device compatable id, device instance id

I would really appreciate any help.

2 Replies
georgec
Not applicable
Report Inappropriate Content
Message 2 of 3

Re: Creating a rule to allow CD\DVD\ROM access.

You can use the user assignment group to exclude the users you want to use the cd-rom from the rule.

amiyabisoi
Not applicable
Report Inappropriate Content
Message 3 of 3

Re: Creating a rule to allow CD\DVD\ROM access.

That's correct. You can exclude the users/groups - you want to allow access.

- AB

McAfee ePO Support Center Plug-in
Check out the new McAfee ePO Support Center. Simply access the ePO Software Manager and follow the instructions in the Product Guide for the most commonly used utilities, top known issues announcements, search the knowledgebase for product documentation, and server status and statistics – all from within ePO.