My corporate environment uses:
McAfee DLP Endpoint version 126.96.36.199
McAfee ePO version 4.6.0
I have created a few definitions and rules for the environment.
First, I have set up two plug and play device definitions and the rule is to include (to block) them.
From this definition we are able to block all insertions of Apple products into the computer. Similarly, we also created a definition for Samsung products and all we have to change is the vendor ID and also the device name to Samsung (Partial Match). It works for us fine.
Second, I have set up three removable storage device definitions and the rules are as follows:
To include (to block):
To exclude (to not block):
The 'Allow CD/DVD Drives' definition is to allow users to be able to use external CD drives on the laptop which doesn't have the internal CD drives and the 'Whitelisted Allow' definition is to let users have special granular access to thumbdrives that would be able to use on the computer.
Here comes the question that I would need assistance with:
I have users that needs to use 3G dongles when he/she brings the laptop out of office to work therefore needs the 3G dongle. Basically a 3G dongle is a portable device that is attached to a USB port so that the computer will be able to connect onto 3G network and these users whom require broadband Internet connectivity while on-the-go.
Thank you all so much!
Not 100% on this as i have not tested this (lack of device) but this is how i would go about creating the Rule.
Device Definition would be Plug and Play Device Definition
Parameter Name would be BUS TYPE (USB)
This is the part that I am uncertain of
Parameter Name would be USB CLASS CODE (Wireless Controller)
Parameter Name would be DEVICE CLASS (Wireless Communication Devices)
Some devices i have found also register as Windows Portable Devices also listed under DEVICE CLASS.
Your Plug and Play Device Rule would then exclude the new Definition for these devices. You might want to see if you can tighten the rule using the serial number of the 3G device to ensure that only whats approved is used.