cancel
Showing results for 
Search instead for 
Did you mean: 
Highlighted
eg123
Level 9
Report Inappropriate Content
Message 1 of 7

DLPe: PnP device rule issue

Jump to solution

Hi Guys,

I defined a PnP device rule to block smart phones, and use the built-in device template "Windows portable devices". but when i plug a generic USB flash disk, it seems triggering this PnP device rule, says a MTP device was blocked.

 

I opened Windows device manager, seems the USB is recognized as one MTP device and one normal disk and that's why the MTP part of the USB device got blocked.

 

I know it won't affect the use(read/write) of the USB, but i wonder if everything is working by design? does all the USB flash disk has a MTP device class type? btw i'm using Kingston DataTraveler 3.0 for the testing.

 

Thanks in advance!

1 Solution

Accepted Solutions
McAfee Employee DLP_RS
McAfee Employee
Report Inappropriate Content
Message 5 of 7

Re: DLPe: PnP device rule issue

Jump to solution

I need to test it and may take some time. Not sure, but seems that there are some details in the below KB82966.

 

6 Replies
McAfee Employee DLP_RS
McAfee Employee
Report Inappropriate Content
Message 2 of 7

Re: DLPe: PnP device rule issue

Jump to solution

It may not be an expected behavior. It depends on Windows on how to recognize the device. Could you please share screenshots of Incident details, rule configured and Device Manager(when device is connected).

eg211
Level 8
Report Inappropriate Content
Message 3 of 7

Re: DLPe: PnP device rule issue

Jump to solution

Hi ,

Below is the data you requested:

11.png12.png13.png

eg211
Level 8
Report Inappropriate Content
Message 4 of 7

Re: DLPe: PnP device rule issue

Jump to solution

to add, i tested on both Windows7 and Windows10 1809, same behavior.

McAfee Employee DLP_RS
McAfee Employee
Report Inappropriate Content
Message 5 of 7

Re: DLPe: PnP device rule issue

Jump to solution

I need to test it and may take some time. Not sure, but seems that there are some details in the below KB82966.

 

eg123
Level 9
Report Inappropriate Content
Message 6 of 7

Re: DLPe: PnP device rule issue

Jump to solution

looking forward to your test result and thanks for the KB.

btw now i'm able to block smart phones without blocking my USB(MTP part). i created a device template like this:

Snipaste_2019-07-11_21-55-38.png

do you think it's good to apply to production environments? - if you have better idea please ignore what i say above... thanks.

McAfee Employee DLP_RS
McAfee Employee
Report Inappropriate Content
Message 7 of 7

Re: DLPe: PnP device rule issue

Jump to solution

It looks good. Make sure to apply it first few machines and monitor it for few days before rolling out to larger deployment.

I would suggest to review some of the in-built rulesets under DLP Policy Manager for more details.

You can access these rulesets by enabling the option->Show built-in rule sets samples under DLP Policy Manager.

 

 

More McAfee Tools to Help You
  • Subscription Service Notification (SNS)
  • How-to: Endpoint Removal Tool
  • Support: Endpoint Security
  • eSupport: Policy Orchestrator
  • Community Help Hub

      New to the forums or need help finding your way around the forums? There's a whole hub of community resources to help you.

    • Find Forum FAQs
    • Learn How to Earn Badges
    • Ask for Help
    Go to Community Help

    Join the Community

      Thousands of customers use the McAfee Community for peer-to-peer and expert product support. Enjoy these benefits with a free membership:

    • Get helpful solutions from McAfee experts.
    • Stay connected to product conversations that matter to you.
    • Participate in product groups led by McAfee employees.
    Join the Community
    Join the Community