Hello, I would like to know, if there is some workaround to make Network Share protection rule to block. In this rule, there are only 2 options - Encrypt, Justification.
McAfee support already told me, that Network Share is not a data loss, because network share stays in corporate network and there is no need to block this action. But what happen, if I bring my notebook home and connect to the home NAS (synology, qnap...)?. It's unknown network share, so I want to block every connections to it, not write a justification. It could be too late.
Re: Network Share Protection rule - option to block?
There is currently no work around from a DLP standpoint to give you the option to Block.
If you would like to see this feature in a future build, you can complete a Product Idea Request, (kb60021).
Excerpt from DLP 11.3 Product Guide, Page 110.
"Button actions must match the prevent actions available for the type of rule that uses the definition. For example, network share protection rules can have only No Action, Encrypt, or Request Justification for prevent actions. If you select Block for one of the button actions, and attempt to use the definition in a network share protection rule definition, an error message appears."
I would recommend creating firewall rules to block desired network ports.
Was my reply helpful? If you find this post useful, Please give it a Kudos! Also, Please don't forget to select "Accept as a solution" if this reply resolves your query!
Don't forget, when your helpful posts earn a kudos or get accepted as a solution you can unlock perks and badges. Those aren't the only badges, either. How many can you collect? Click here to learn more.
Community Help Hub
New to the forums or need help finding your way around the forums? There's a whole hub of community resources to help you.