cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
alexp01482
Level 7
Report Inappropriate Content
Message 1 of 5
‎04-17-2015 03:01 AM

DLP how do I block MTP

Hi

I'd like to be able to block MTP in DLP. I'm running version 9.3.300.16.

I've read that you can block MTP using a Removable Storage Protection Rule, but I can't find any reference to it.

Capture.PNG

Am I being stupid? Can some point me in the right direction, just using small words please 😉

Cheers

Alex

0 Kudos
Reply
4 Replies
exbrit
MVP
Report Inappropriate Content
Message 2 of 5
‎04-17-2015 03:08 AM

Re: DLP how do I block MTP

Moved to DLP for a faster response.

---

Peter

Moderator

0 Kudos
Reply
palex
Level 11
Report Inappropriate Content
Message 3 of 5
‎04-17-2015 03:28 AM

Re: DLP how do I block MTP

Hi, alex01482!

See

Removable Storage Protection Rule is in this window 🙂 This rule do not block MTP-Devices (it control copying files to MTP-devices)

003.png

You can block MTP-Devices with Device Control in this :

002.png

Regards.

0 Kudos
Reply
alexp01482
Level 7
Report Inappropriate Content
Message 4 of 5
‎04-17-2015 03:46 AM

Re: DLP how do I block MTP

Thanks for the reply palex

To Block MTP using device rules will I have to know the Device_Id for every make\model I want to block? That's not really workable given all the possible variations.

In this link

some contributors suggest that 9.3 natively supports the blocking of MTP devices.

0 Kudos
Reply
palex
Level 11
Report Inappropriate Content
Message 5 of 5
‎04-17-2015 04:10 AM

Re: DLP how do I block MTP

Hi, alexp01482!

You do not need to enter the type and PID of all the devices to block them.

First, using a DLP find all classes of devices that are in your network (there is a standard request in to the EPO). Then add the tab DLP Policy-Device Management-Device Classes (Windows only) all classes of devices, decide what you will control what is not. For example, attempts to control or lock the entire class of devices, such as controller USB lead to a blue screen of death on computers. Then make Device Definition. Turn back the device class that you want to monitor. Example, New device definition - PnP - USB Class code or Device Class.


After that you need to make the Device rules. Do not forget that if you make a rule to protect, for example, blocking the smartphone, you must include a definition of the devices and to exclude other categories (Include one and Exclude another Device Definitions).


Regards.

0 Kudos
Reply
You Deserve an Award
Don't forget, when your helpful posts earn a kudos or get accepted as a solution you can unlock perks and badges. Those aren't the only badges, either. How many can you collect? Click here to learn more.

Community Help Hub

    New to the forums or need help finding your way around the forums? There's a whole hub of community resources to help you.

  • Find Forum FAQs
  • Learn How to Earn Badges
  • Ask for Help
Go to Community Help

Join the Community

    Thousands of customers use the McAfee Community for peer-to-peer and expert product support. Enjoy these benefits with a free membership:

  • Get helpful solutions from McAfee experts.
  • Stay connected to product conversations that matter to you.
  • Participate in product groups led by McAfee employees.
Join the Community
Join the Community


Corporate Headquarters
6220 America Center Drive
San Jose, CA 95002 USA

Consumer Support   |   Enterprise Support   |   McAfee.com

Legal   |   Privacy   |   Copyright © 2020 McAfee, LLC