I'd like to be able to block MTP in DLP. I'm running version 9.3.300.16.
I've read that you can block MTP using a Removable Storage Protection Rule, but I can't find any reference to it.
Am I being stupid? Can some point me in the right direction, just using small words please 😉
You do not need to enter the type and PID of all the devices to block them.
First, using a DLP find all classes of devices that are in your network (there is a standard request in to the EPO). Then add the tab DLP Policy-Device Management-Device Classes (Windows only) all classes of devices, decide what you will control what is not. For example, attempts to control or lock the entire class of devices, such as controller USB lead to a blue screen of death on computers. Then make Device Definition. Turn back the device class that you want to monitor. Example, New device definition - PnP - USB Class code or Device Class.
After that you need to make the Device rules. Do not forget that if you make a rule to protect, for example, blocking the smartphone, you must include a definition of the devices and to exclude other categories (Include one and Exclude another Device Definitions).