We are using the McAfee DLP suite integrated with our Active Directory domain in our company, and its version is 9.3.500.15. We have USB device rules that block for some people, and we also have some rules that allow for some people. We created our device rules with Active Directory users and groups. Now everything is working as expected.
But when a user switches from our Active Directory domain to another network (like home), disables their network adapter, or turns on flight mode, our USB rules go away and do not work, and users can use their USB devices while offline from our AD domain.
We contacted our local McAfee reseller. They told us to check the rules and whether online/offline is checked in the rules' connectivity section. We checked this option and it seems OK. Then they gave us further instructions: use the McAfee ePO System Tree, use a computer assignment group, and check the logged-in user for device rules. We followed these instructions, but this time all USB devices were blocked. In this case the computer policy was applied and the user policy did not work. However, we need exceptions for some kinds of users, like technical staff, on blocked computers.
Our local reseller did not find any resolution for this kind of case. I mean, we need an offline block rule, but on the other hand some domain users should be able to log in to a USB-blocked computer with USB rights (an exception).