Hello,
I have created a P&P rule that blocks access to all smartphones as storage devices and that is working as expected; however, I am having issues when I attempt to exclude some smartphones. I have tested the feature before and I am sure that it was working, but I am trying again now and it seems to have stopped. What I have done:
- Create a Plug and Play Device entry through the Incident triggered by the blocked smartphone
- Selected the smartphone on the Excluded list and enabled it
- Applied the policy on the ePO and updated the DLP Endpoint
- Plug in the smartphone that should be excluded, but the device is still being blocked
Am I doing something wrong? Or, is there a chance that the rule may have become corrupted?
Many thanks in advance.
As you might be seeing it within rule configuration settings, we can have the exceptions based on the below settings.
- Excluded Device Templates
- Excluded Serial Number & User Pairs (Disabled)
- Excluded Users

First, please check if any of the above options works as an exception. If none works, then certainly we need to further troubleshoot the issue.
Thanks for your suggestions. I have tested the Excluded Users option and that works fine. But the Excluded Device Template with the P&P Device exclusion created through the Incident is still not working. I have already tried to create a new rule, new policy and even reinstalled the DLP Endpoint agent.
So it has been narrowed down to Device Template.
What happens if we create another rule using the same Device template? Does it trigger for the same PnP Device? Make sure to disable the earlier rule.
Tested all that, even tested using a different smartphone, same issue. The device template created through the Incident is not being excluded. However, if I do exclude the user, then it works perfectly fine. I am really puzzled because the same option that excludes devices used to work just fine.
Is it okay if you can share the screenshot of the Incident generated and exception created using the same for review?
As requested, a copy of the Incident and how the Device template is created.
I would suggest using minimal device properties and then adding the rest of the properties one by one to find out which one is a mismatch.
For example, let's start by using Device Description and Bus Type.
Thanks for the suggestion. I have already tried to create the Device template using the Device Instance ID and that gave an unexpected result. Access to the Device was blocked until I selected the PTP option on the smartphone, which then gave me full access to the device as storage. I will now try your suggestions and see what happens.
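
An added example, not part of the thread and not McAfee tooling: a PowerShell sketch that records the Plug and Play properties Windows itself reports for the attached phone, so they can be compared field by field with the values entered in the device template. It is meant to be run once per USB mode on the phone, since the last post reports different behaviour after selecting PTP; the function names, the class filter and the file names are assumptions made for this example.

```powershell
# Added example: snapshot the PnP properties Windows reports for attached phones.
# Function names, class filter and file names are assumptions for this sketch.
$Keys = @(
    'DEVPKEY_Device_DeviceDesc',      # device description
    'DEVPKEY_Device_FriendlyName',
    'DEVPKEY_Device_Class',
    'DEVPKEY_Device_EnumeratorName',  # bus enumerator, e.g. USB
    'DEVPKEY_Device_BusTypeGuid',
    'DEVPKEY_Device_HardwareIds',
    'DEVPKEY_Device_CompatibleIds'
)

function Get-PhonePnpSnapshot {
    param(
        [string[]]$Class = @('WPD', 'Image', 'USB'),  # classes a phone may appear under
        [string]$NameFilter = '*'                     # narrow to the phone's name if known
    )
    Get-PnpDevice -PresentOnly |
        Where-Object { $_.Class -in $Class -and $_.FriendlyName -like $NameFilter } |
        ForEach-Object {
            # Emit one "Key = Value" line per property so two runs diff cleanly
            "InstanceId = $($_.InstanceId)"
            Get-PnpDeviceProperty -InstanceId $_.InstanceId -KeyName $Keys -ErrorAction SilentlyContinue |
                Where-Object { $null -ne $_.Data } |
                ForEach-Object { "$($_.KeyName) = $($_.Data -join '; ')" }
        }
}

function Compare-PhonePnpSnapshot {
    param([string]$Before, [string]$After)
    # '<=' lines exist only in $Before, '=>' lines only in $After
    Compare-Object (Get-Content $Before) (Get-Content $After) |
        Sort-Object InputObject |
        Format-Table SideIndicator, InputObject -AutoSize -Wrap
}

# Usage (run each snapshot with the phone plugged in, in the stated mode):
#   Get-PhonePnpSnapshot | Set-Content .\phone-default.txt
#   Get-PhonePnpSnapshot | Set-Content .\phone-ptp.txt    # after selecting PTP
#   Compare-PhonePnpSnapshot .\phone-default.txt .\phone-ptp.txt
```

Any property that differs between the two snapshots, or between a snapshot and the Incident details, is a candidate for the mismatch when adding template properties one at a time.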