cancel
Showing results for 
Search instead for 
Did you mean: 
hemantk
Level 12

DLP system based policies

Hello Everyone.

I am using DLP & i have configured DLP policies to block USB(Mass Storage) & CD/DVD. I have applied this policy to everyone(User Based). User abc is a part of everyone.

Now if i have created a computer asignment group using policy catalog & i have unchecked all the rules & asigned to a system xyz. User abc logs in to system xyz, so the devices which were blocked by DLP policy will be accessible OR not? as we have configured the system based policy to unblock the devices for system xyz.

Thanks in Advance.

0 Kudos
3 Replies
bshirish
Level 7

Re: DLP system based policies

Hello Hemant,

As per your query only there should be no user in system base policy. you have to create one more policy to unblock the system and check that in assigned policy in system tree acording to your need that for system or for group

hope this will help to reslove your query please post the query if you have any doubt.

0 Kudos
vimalnavis
Level 13

Re: DLP system based policies

The most restrictive rules will be in effect.

0 Kudos
mshah
Level 10

Re: DLP system based policies

HI Hemant,

As you said you have user based dlp policy to block the Storage / CD DVD which is applied to everyone (all domain users), then why do you need again to apply that policy besd on system? If you want any user to not be effected by that policy you can simply exclude that username or if you are only bother about that system you can log in on that system as local user instead of domain user.  If you log in as domain user  the most restrictive rules will be in effect. as Vimal said and the storage device will get block.

0 Kudos