cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Highlighted

How to block .exe from being executed in a USB storage device?

Hi,

I have the device control v9 integrated in the ePO 4.5. I would like to known if is it possible to block .exe from being executed from a USB storage device?

Thanks

Carlos Ribeiro

Message was edited by: cribeiro on 6/7/10 1:02:49 PM CDT
7 Replies
Highlighted

Re: How to block .exe from being executed in a USB storage device?

I think it's already there by default in DLP 9.0. If you have a DLP agent installed - unless untill you whitelist that exe file for USB, you shouldn't be able to run that exe file. Check the DLP product guide for more info.

- AB

Highlighted

Re: How to block .exe from being executed in a USB storage device?

Use Removable Storage File Access Rule (under Device Rules section) to address this use case.

This rule is available with HDLP v9.

Highlighted

Re: How to block .exe from being executed in a USB storage device?

Hi,

If I understand the Removable Storage File Access Rule is to block the move of information from your PC to the USB, not from the USB to the PC.

I will try to be more clear:

Imagine that a guy came to his company PC and he wants to use for example the Firefox portable or another *.exe. How can I stop this kind of files from being executed?

Thanks

Carlos Ribeiro

Highlighted

Re: How to block .exe from being executed in a USB storage device?

Removable Storage Protection Rule (Protection Rule) is used to protect data moving from PC to USB.

Removable Storage Device Rule (Device Rule) is used to protect devices,

Removable Storage File Access Rule (Device Rule) is used to block applications from being run out of USB devices.

My original reply is accurate. From the Product Guide:

File access rules block removable storage media from running applications.

Message was edited by: vimalnavis on 6/21/10 6:23:38 PM CDT
Highlighted

Re: How to block .exe from being executed in a USB storage device?

Hi Vimalnavis,

Thanks for your answer but I still have a doubt. If we create one Removable Storage File Access Rule can we grant that only application (.exe, .msi) are blocked?

Thanks

Best Regards

Cribeiro

Highlighted
Level 7
Report Inappropriate Content
Message 7 of 8

Re: How to block .exe from being executed in a USB storage device?

Hi Cribeiro,

The Removable Storage File Access Rule blocks all executable applications (.exe, .msi, .bat, .cgi, .cmd, .zip, .rzr and etc.), apart from any specific applications you can define as whitelist applications (eg. a.exe), so you can't block only .exe, .msi

Regards,

Liron

Highlighted

Re: How to block .exe from being executed in a USB storage device?

can you specify an individual file type to block (ie mp3)?

If not, where can i find out what is blocked by default?

Also, with the removable storage file access rule it doesnt log anything to DLP monitor when a file has been blocked (which has been attempted to "open" on a USB device)? is this by design?

Thanks.

Message was edited by: mcafeee on 01/07/10 06:06:15 CDT
You Deserve an Award
Don't forget, when your helpful posts earn a kudos or get accepted as a solution you can unlock perks and badges. Those aren't the only badges, either. How many can you collect? Click here to learn more.

Community Help Hub

    New to the forums or need help finding your way around the forums? There's a whole hub of community resources to help you.

  • Find Forum FAQs
  • Learn How to Earn Badges
  • Ask for Help
Go to Community Help

Join the Community

    Thousands of customers use the McAfee Community for peer-to-peer and expert product support. Enjoy these benefits with a free membership:

  • Get helpful solutions from McAfee experts.
  • Stay connected to product conversations that matter to you.
  • Participate in product groups led by McAfee employees.
Join the Community
Join the Community