Showing results for 
Search instead for 
Did you mean: 

Data Loss Prevention

I am new administrator for McAfee EPO. We recently added Device Control Module/Data Loss Prevention to our enviroment.  Some of the cd rom's on our local machines will not open/read a cd.  I used the default settings and was under the impression it would not apply the policy until i was ready to implement.  Of course, I am using someone elses directions and doing what i am told.  I would appreciate any help.

0 Kudos
4 Replies
Level 10

Re: Data Loss Prevention

There is a specific location for this type of discussion. But look, any policy in your DLP console Device Rule section will be applied to all systems if you enable the device rule and click on "apply" which will send this to the policy catalog. Now, if you didn't add a user assignment group to the policy, then nothing will happen unless in the policy catalog you check the boxes next to said rule. If you happened to add some user account groups, like "include" domain users... domain users will be subject to the behavior of the rule imposed to the included device.

Once you use UAG in the device rule, the check boxes in the policy catalog will override the UAG programmed into the device rule section and force the behavior onto the workstation where said policy is enforced to those subjects that are checked, the logged on user, or local user.


your device CD/ROM

your Rule: Includes CD/ROM, Block, User Group includes "domain users", excludes Jane.Doe.

Policy assigned to all workstations do not have any check boxes ticked.


Everyone on your ePO console with DLP installed will have their CD Rom controlled, blocked, by DLP, except for Jane.Doe wherever she goes on any workation on the domain with DLP installed.

0 Kudos
Level 12

Re: Data Loss Prevention

Moved to Host DLP area for housekeeping. Let me know if this belongs in Network DLP.

0 Kudos

Re: Data Loss Prevention

Where is the specific location for this type of discussion?  This software was purchased for us and told to use.  We us another vendor for our Anti-Virus so i am not familar with specific locations for discussions

0 Kudos
Level 21

Re: Data Loss Prevention

don't worry - you are now in the right place. Personally I would contact my McAfee representative (or distributor) and buy some training - it's a much faster way to get up to speed on the product if you have no experience.

0 Kudos