I am new administrator for McAfee EPO. We recently added Device Control Module/Data Loss Prevention to our enviroment. Some of the cd rom's on our local machines will not open/read a cd. I used the default settings and was under the impression it would not apply the policy until i was ready to implement. Of course, I am using someone elses directions and doing what i am told. I would appreciate any help.
There is a specific location for this type of discussion. But look, any policy in your DLP console Device Rule section will be applied to all systems if you enable the device rule and click on "apply" which will send this to the policy catalog. Now, if you didn't add a user assignment group to the policy, then nothing will happen unless in the policy catalog you check the boxes next to said rule. If you happened to add some user account groups, like "include" domain users... domain users will be subject to the behavior of the rule imposed to the included device.
Once you use UAG in the device rule, the check boxes in the policy catalog will override the UAG programmed into the device rule section and force the behavior onto the workstation where said policy is enforced to those subjects that are checked, the logged on user, or local user.
your device CD/ROM
your Rule: Includes CD/ROM, Block, User Group includes "domain users", excludes Jane.Doe.
Policy assigned to all workstations do not have any check boxes ticked.
Everyone on your ePO console with DLP installed will have their CD Rom controlled, blocked, by DLP, except for Jane.Doe wherever she goes on any workation on the domain with DLP installed.
Where is the specific location for this type of discussion? This software was purchased for us and told to use. We us another vendor for our Anti-Virus so i am not familar with specific locations for discussions
don't worry - you are now in the right place. Personally I would contact my McAfee representative (or distributor) and buy some training - it's a much faster way to get up to speed on the product if you have no experience.