Showing results for 
Show  only  | Search instead for 
Did you mean: 
Level 7
Report Inappropriate Content
Message 1 of 6

DLP not working

I have DLP full liscensed installed. Its set up not issues, I have it set to block USB and Cd/Dvd rom devices however it isnt. Can any one tell me where the issue is occurring.

The device class ,definition and rules are set as well as a user assignment group
Labels (1)
5 Replies
Level 7
Report Inappropriate Content
Message 2 of 6

RE: DLP not working

Can anyone from mcafee or anyone at all offer some help

RE: DLP not working

Can you please describe how and where you defined the device definitions and rules. Also check if rules defined by assigment group or by computers in ePO policy.
Ill can try to help to you.

Level 7
Report Inappropriate Content
Message 4 of 6

RE: DLP not working

The device definitions were defined in the Device Definitions category in Device Management, similiarly Device Rules were defined in the Device Definition category in Device Management.

Device definitions were defined as follows Bus type and CD/DVD drives were chosen as the selected parameters. Only USB was selected in the Bus type parameter.

Device Definitions were defined as follows. Step 1: The device definition rules from above was included.
Step 2: Block (online\offline); Monitor (online\offline) and Notify user (online\offline) were selected.
Step 3: Was left blank initally with just the privileged user set up by user account. The drives were not being blocked. A User Assignment group was then set up and used, it was set up by group as defined by Active Directory.

Method of enforcement

Basically mistake with McAfee DLP is method of enforcement.
You need to decide wich one more effective for you - computer or users/group enforcement.
If you try to use both, the resoult is conflict and policy not work.
My advice - start from beginning. Delete device rules and Assignment groups. Recreate rules.
1. For computer enforcement - leave "Assignment groups" empty (skip it) and create policy for DLP agent in policy catalog. Select the created rules and apply policy for selected computers or group.
2. For AD user/group enforcenent - select "Assignment group" in Device rule creation wizard, click apply button in DLP management interface and NOT!!! change policy for DLP Agent.
3. Make wakeup for clients.

PS: Changes madden in "Agent Global configuration" enforced just after client reboot.

Goog luck


RE: Method of enforcement

I just evaluate DLP and find quite diffcult to start with.

The product guide may not be a good starting point.
It descript every screen items in the policy manager.

Is there any step by step guide for beginner to try on setting up some basic infrastructure?
You Deserve an Award
Don't forget, when your helpful posts earn a kudos or get accepted as a solution you can unlock perks and badges. Those aren't the only badges, either. How many can you collect? Click here to learn more.

Community Help Hub

    New to the forums or need help finding your way around the forums? There's a whole hub of community resources to help you.

  • Find Forum FAQs
  • Learn How to Earn Badges
  • Ask for Help
Go to Community Help

Join the Community

    Thousands of customers use the McAfee Community for peer-to-peer and expert product support. Enjoy these benefits with a free membership:

  • Get helpful solutions from McAfee experts.
  • Stay connected to product conversations that matter to you.
  • Participate in product groups led by McAfee employees.
Join the Community
Join the Community