jlph
Level 8
Message 1 of 3

Removable storage device rule: device definition AND Excluded users

Within DLP 10 I have configured a Removable Storage Device rule. The Condition applies to all Removable storage devices and is applicable to all users. Under Exceptions I have configured a Device definition to enable a specific type of USB drive to be writable. I have noticed that we are able to define users who are excluded from the device rule. However, it has been requested that the exclusion is applicable to Users who are a member of a particular group AND have the approved USB media. From what I can see this can only be set as an OR. Is this correct or am I able to meet our requirements?

Thanks in advance.

2 Replies
hhoang
McAfee Employee
Message 2 of 3

Re: Removable storage device rule: device definition AND Excluded users

The separate exclusion types are 'or' statements. Sounds like you're looking for serial/user pair:

jlph
Level 8
Message 3 of 3

Re: Removable storage device rule: device definition AND Excluded users

Hi hhoang,

Many thanks for coming back and for pointing out the Excluded Serial Number & User pairs exception.

This slightly differs from our original requirements; however, this approach is actually far more secure. From what I understand, this pairs a fully qualified user name with the serial number of a particular device. Our original intention was to pair members of an AD group with the ability to write to a configured device definition. From what I can gather, this is not possible. Am I correct?

If this is the case, I intend to propose SN & User pairs. I assume you are able to pair a SN with multiple users?

Thanks in advance,

James
