I am rather new to device control and I have a customer who would like to block USB devices if they are infected with a virus.
We are using Device control 9.2 and its running via ePO 4.5
Thanks in advance...
No, this is not possible - DLP would have to scan every file on the device prior to making a decision whether to block it or not - this could take minutes/hours depending on the capacity.
By which time the user will have either given up and called support to ask why their device was not working, or infected their machine.
Well, you could do something funky using results coming back from on access scanner.
Something along the line of if malware is found apply a tag to the machine, then you could assign a policy based on a tag, this policy could be to block all removable media.
Not sure how fast it would all work, sounds good in theory, not sure in practice.
Think you would have to use ePO 4.6 as well, cant remember if you can assign policies based on tags in 4.5
Download the new ePolicy Orchestrator (ePO) Support Center Extension which simplifies ePO management and provides support resources directly in the console. Learn more about ePO Support Center
2821 Mission College Blvd.
Santa Clara, CA 95054 USA
Consumer Support | Enterprise Support | McAfee.com
Legal | Privacy | Copyright © 2019 McAfee, LLC