I defined a PnP device rule to block smart phones, and use the built-in device template "Windows portable devices". but when i plug a generic USB flash disk, it seems triggering this PnP device rule, says a MTP device was blocked.
I opened Windows device manager, seems the USB is recognized as one MTP device and one normal disk and that's why the MTP part of the USB device got blocked.
I know it won't affect the use(read/write) of the USB, but i wonder if everything is working by design? does all the USB flash disk has a MTP device class type? btw i'm using Kingston DataTraveler 3.0 for the testing.
Thanks in advance!
Solved! Go to Solution.
It may not be an expected behavior. It depends on Windows on how to recognize the device. Could you please share screenshots of Incident details, rule configured and Device Manager(when device is connected).
looking forward to your test result and thanks for the KB.
btw now i'm able to block smart phones without blocking my USB(MTP part). i created a device template like this:
do you think it's good to apply to production environments? - if you have better idea please ignore what i say above... thanks.
It looks good. Make sure to apply it first few machines and monitor it for few days before rolling out to larger deployment.
I would suggest to review some of the in-built rulesets under DLP Policy Manager for more details.
You can access these rulesets by enabling the option->Show built-in rule sets samples under DLP Policy Manager.