cancel
Showing results for 
Search instead for 
Did you mean: 
newag
Level 7

Prevent execution of certain application through DLP rules. Whether is it possible?

Hi everyone

I have some question about DLP rules. Is it possible to block running certain type of application through DLP rules. In our company we have a number of production PC, which we will want to prevent from running exe files (excuding only necessary apps). This files will be stored on network locations or local hard disks. Is it possible to do it through DLP rules policy? What kind of rule we need to deploy?

Appreciate your help in advance

0 Kudos
3 Replies
keithdrone
Level 10

Re: Prevent execution of certain application through DLP rules. Whether is it possible?

Preventing applications from reading/writing is not in the endpoint DLP capabilities at this time.

You could always use application whitelisting using HIPS or Solidcore functionality

0 Kudos
tonyw
Level 12

Re: Prevent execution of certain application through DLP rules. Whether is it possible?

Keithdrone is correct.  The McAfee Application Control (solidcore) would be better suited to performing this action.  DLP has limited function for data execution prevention for removable storage.  App control was designed to fit your needs.

0 Kudos
keithdrone
Level 10

Re: Prevent execution of certain application through DLP rules. Whether is it possible?

Looks like McAfee doesn't have any roadmaps for blocking opening or saving of matched data via DLP, but other solutions do - if this is a requirement for your organization you may wish to re-visit your Data Classification Standard and how you respond to triggered events through applications.

0 Kudos