cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
f11
Level 7
Report Inappropriate Content
Message 1 of 2

Monitor file access on removable storage


Hello

This is my current set up: I have two overall "classes" of removable storage devices Authorized and Unauthorized, I determine which class a device belongs to by its serial number.

What I am looking for is a way to monitor file access on devices belonging it to the Unauthorized class, I can't seem to find any way of doing this with either the Protection Rules or the Device control rules.

Is there any way of doing this?

1 Reply
epository
Level 10
Report Inappropriate Content
Message 2 of 2

Re: Monitor file access on removable storage

Protection Rules can be set up to show which files are being copied off to the Removable Storage....I take it both the Authorized and Unauthorized are in Monitor mode.

However, as far as file access, I dont think DLP will log that.....

However, there is a Removable Storage File Access rule...this may only track/block only executable types....but maybe you can do your own file definition for a bunch of file types and leverage this.

You Deserve an Award
Don't forget, when your helpful posts earn a kudos or get accepted as a solution you can unlock perks and badges. Those aren't the only badges, either. How many can you collect? Click here to learn more.

Community Help Hub

    New to the forums or need help finding your way around the forums? There's a whole hub of community resources to help you.

  • Find Forum FAQs
  • Learn How to Earn Badges
  • Ask for Help
Go to Community Help

Join the Community

    Thousands of customers use the McAfee Community for peer-to-peer and expert product support. Enjoy these benefits with a free membership:

  • Get helpful solutions from McAfee experts.
  • Stay connected to product conversations that matter to you.
  • Participate in product groups led by McAfee employees.
Join the Community
Join the Community