I'm having some trouble configuring mass storage and removable USB drive blocking.
I've got DLP installed on my EPO.
I then deployed the DLP agent to my test laptop
Then created 2 device definitions.
One to block plug and play USB devices and another to block removable mass storage.
I've then created 2 device rules and included the device definitions into my 2 rules.
I've applied the rules which then kicks a process off that checks the rules. The rules passed the test.
I've then ran the policy check on my test laptop which goes away and checks for updates.
I then tested by connecting a USB flash drive to my laptop but it did not block the flash drive and i could browse the files on the drives.
I used this document as a refference guide to perform these tasks
Any help in diagnosing my issue would be much appreciated.
Solved! Go to Solution.
i've now successfully managed to block usb flash drives.
I had not applied the correct user group to the rule.
I still cannot block mobile phone mass storage like iPhones and other android based phones.
Does anybody have any ideas.
I had it configured as below.
When i first starting looking at configureing this most of the internet posts reffered to configureing as i have in my screenshot.
I did not come across any posts mentioning WPD devices.
I will have a go with this some time soon when i have free time.
I have found a helpful website that list piratically all VID/PID info for manufactures. If the "Windows Portable Device" does not block a certain phone manufacture, you can always block using a VID - Vendor ID or PID - Product ID by creating a new PnP Device Definition . The updates to newer VID/PID's on this site are pretty frequent.
In order to create a PnP rule to block by PID/VID, you can follow the product guide located in the link below.
I hope this helps.