cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
it1024
it1024
Level 10
Report Inappropriate Content
Message 1 of 3
‎09-01-2019 10:08 PM

Policy assinged to one group is effecting other groups too!

I have created one Rule Set in which I have only blocked USB removable storage as you may see in the below screenshot:

ruleset1.jpg

 

And I have assigned it to just one policy which is clear in the below screenshot:

ruleset2.jpg

 

The default policy with no rule set is assigned to My Organization while the policy which name ends with (USB_Blocked) is assigned to only one group. Below screenshots:

policy1.jpgpolicy2.jpg

 But when after assigning the (USB_Blocked) policy to that one group, surprisingly all the clients in other groups are also affected!!! They also report that their DVD writers are not allowed to write! What is wrong with my settings???

0 Kudos
Reply
2 Replies
Highlighted
DLP_RS
McAfee Employee DLP_RS
McAfee Employee
Report Inappropriate Content
Message 2 of 3
‎09-01-2019 11:53 PM

Re: Policy assinged to one group is effecting other groups too!

I would recommend using DLP Diagnostic Tool and confirm the effective DLP Policy\Active Policy on the client machine\system tree group. Is there a ruleset in My Default DLP Policy? Please share the Incident details as well.
0 Kudos
Reply
Fademidun
Reliable Contributor Fademidun
Reliable Contributor
Report Inappropriate Content
Message 3 of 3
‎09-02-2019 08:08 AM

Re: Policy assinged to one group is effecting other groups too!

First, do you have a separate set of machines for this in system tree? The best way (in my opinion) to do this and have a problem free testing is to create a sub-group in System tree "DLP-Test_Grp" drap few machines into this group, assigned the policy, send WUA and login with a test account to this machine, also try and reset the default policy. You can also collect and send props from clients..

Alternatively create an exception group (USB Allowed) and assign this, so only block users are blocked

0 Kudos
Reply
More McAfee Tools to Help You
  • Subscription Service Notification (SNS)
  • How-to: Endpoint Removal Tool
  • Support: Endpoint Security
  • eSupport: Policy Orchestrator

    • Community Help Hub

      New to the forums or need help finding your way around the forums? There's a whole hub of community resources to help you.

    • Find Forum FAQs
    • Learn How to Earn Badges
    • Ask for Help
    Go to Community Help

    Join the Community

      Thousands of customers use the McAfee Community for peer-to-peer and expert product support. Enjoy these benefits with a free membership:

    • Get helpful solutions from McAfee experts.
    • Stay connected to product conversations that matter to you.
    • Participate in product groups led by McAfee employees.
    Join the Community
    Join the Community


    Corporate Headquarters
    2821 Mission College Blvd.
    Santa Clara, CA 95054 USA

    Consumer Support   |   Enterprise Support   |   McAfee.com

    Legal   |   Privacy   |   Copyright © 2019 McAfee, LLC