cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
jbuschman
Level 7
Report Inappropriate Content
Message 1 of 12

DLP Protection Rule to DVD/CD drive not working

I can create a Protection Rule that will monitor and require justification for a removable storage device plugged into my USB.  However, I cannot get the rule to work with my DVD/CD RW drive.

Any suggestions?

Thanks!

11 Replies
Former Member
Not applicable
Report Inappropriate Content
Message 2 of 12

Re: DLP Protection Rule to DVD/CD drive not working

Hi,

1) Did you enable it?

2) Check policy for 'computer assigned' or 'user right assignment' as you want to work with;

jbuschman
Level 7
Report Inappropriate Content
Message 3 of 12

Re: DLP Protection Rule to DVD/CD drive not working

Yep..

1.  Yes, I enabled and applied the policy.

2. Yes, it is assigned to the correct user rights assignment.

Are CD/DVD drives not considerd "Removable Storage Devices" covered under the Protection Rules?

Former Member
Not applicable
Report Inappropriate Content
Message 4 of 12

Re: DLP Protection Rule to DVD/CD drive not working

Hi,

you should try with 'All Removable Storage Device' in order to know if Device Control blocks it.

jbuschman
Level 7
Report Inappropriate Content
Message 5 of 12

Re: DLP Protection Rule to DVD/CD drive not working

Device Plug and Play blocking CD/DVD drive works appropriately.  The rules with Device Removable storage does not work.

hmmm...

Thanks for you thoughts so far   any more ideas?  I will try the diagnotic tool next.

tonyw
Level 12
Report Inappropriate Content
Message 6 of 12

Re: DLP Protection Rule to DVD/CD drive not working

This scenario is covered in the following article.

https://kc.mcafee.com/corporate/index?page=content&id=KB53598

You can either block CD/DVD with a device rule set to read only or monitor what is being written with an application based protection rule.

Re: DLP Protection Rule to DVD/CD drive not working

Tony,

I can't seem toa ccess the above KB articles.  Is there something I can do to view it?

Thanks!

tonyw
Level 12
Report Inappropriate Content
Message 8 of 12

Re: DLP Protection Rule to DVD/CD drive not working

I'm not sure why it isn't working for you.  Here is a copy from the article itself:

Corporate KnowledgeBase ID:  KB53598
Last Modified:  January 26, 2012

 

Environment

McAfee Host Data Loss Prevention 9.2
McAfee Host Data Loss Prevention 9.1

McAfee Host Data Loss Prevention 9.0

McAfee Host Data Loss Prevention 3.0

Summary

McAfee recommends that you create a device rule and make the CD/DVD drives read-only.

It is not possible to block data using a reaction rule that is triggered from burning software such as:

Nero

Roxio

Windows built-in burning functionality

The reason for this relates to how the CD/DVD burning software builds the data to be written and the way in which those applications choose to organize the data before burning. These factors make Host Data Loss Prevention (Host DLP) unable to block that data using an application reaction rule.

Host DLP does provide tagging and monitoring via a burner application reaction rule, just not blocking functionality. This feature has limited functionality, but does exist in Roxio versions 6-8. This feature does not work with Windows 2000.

Former Member
Not applicable
Report Inappropriate Content
Message 9 of 12

Re: DLP Protection Rule to DVD/CD drive not working

Hello,

I Have the same quastion as:

I can not create a Protection Rule that will monitor and require justification for my DVD/CD RW drive (not removable storage device plugged into my USB).

I didn't see any working solution here.

My DLP version is 9.3 pach1.

Looking forward for best advice.

Thanks.

Former Member
Not applicable
Report Inappropriate Content
Message 10 of 12

Re: DLP Protection Rule to DVD/CD drive not working

Removable Storage Protection Rules are not supported for CD/DVD drives that are formatted using the Mastered File System. If Live File System was chosen the rule works.

For Mastered file systems on CD/DVD drives, a compensating control is to use Application File Access Protection Rule.

You Deserve an Award
Don't forget, when your helpful posts earn a kudos or get accepted as a solution you can unlock perks and badges. Those aren't the only badges, either. How many can you collect? Click here to learn more.

Community Help Hub

    New to the forums or need help finding your way around the forums? There's a whole hub of community resources to help you.

  • Find Forum FAQs
  • Learn How to Earn Badges
  • Ask for Help
Go to Community Help

Join the Community

    Thousands of customers use the McAfee Community for peer-to-peer and expert product support. Enjoy these benefits with a free membership:

  • Get helpful solutions from McAfee experts.
  • Stay connected to product conversations that matter to you.
  • Participate in product groups led by McAfee employees.
Join the Community
Join the Community