Showing results for 
Search instead for 
Did you mean: 

how to Exclude specific user USB Block Policy

How can I Exclude a user or a computer from USB block policy in ePolicy. I want to give access to a computer to use USB port.

1 Reply
McAfee Employee Mreaden
McAfee Employee
Report Inappropriate Content
Message 2 of 2

Re: how to Exclude specific user USB Block Policy


There are several ways to accomplish the exception. You can perform the exception by Device Template, Serial Number & User Pair, or Excluded User.
Below is an excerpt from DLP 11.2 Product Guide. I have also attached a link to  the guide for your review. See Pages 61-67, Working With Device Templates for more detail.



Create a plug-and-play device rule

1 In McAfee ePO, select Menu | Data Protection | DLP Policy Manager | Rule Sets.
2 Select Actions | New Rule Set, or edit an existing rule set.
3 To open the rule set for editing, click the rule set name. Click the Device Control tab.
4 Select Actions | New Rule | Plug and Play Device Rule.
5 Enter a unique rule name.
6 (Optional) Change the status and select a severity.
7 Deselect the McAfee DLP Endpoint for Windows or McAfee DLP Endpoint for Mac OS X checkbox if the rule applies to
only one operating system.
5 Using Device Control
Protecting devices

8 On the Condition tab, select one or more plug and play items or groups.
When saving the rule, the template used to create the items or groups is validated against the operating
systems selected in the Enforce on field. If they don't match, an error message displays. You must correct the
error by deleting templates or changing the selected Enforce on operating system selected before you can save
the rule.
9 (Optional) Assign end-user groups to the rule.
10 (Optional - Windows only) On the Exceptions tab, select a whitelisted device template and fill in the required
You can add multiple exceptions by adding more than one whitelisted item or a whitelisted plug and play
11 (Optional - Mac only) On the Exceptions tab, select a device template and fill in the required fields.
You can add multiple exceptions by adding more than one item or plug and play group.
12 On the Reaction tab, select an Action. Optional: Add a User Notification, and Report Incident.
If you don't select Report Incident, there is no record of the incident in the DLP Incident Manager.
13 (Optional) Select a different action when the end user is working outside the corporate network, or is
connected by VPN.
14 Click Save.


More McAfee Tools to Help You
  • Subscription Service Notification (SNS)
  • How-to: Endpoint Removal Tool
  • Support: Endpoint Security
  • eSupport: Policy Orchestrator
  • Community Help Hub

      New to the forums or need help finding your way around the forums? There's a whole hub of community resources to help you.

    • Find Forum FAQs
    • Learn How to Earn Badges
    • Ask for Help
    Go to Community Help

    Join the Community

      Thousands of customers use the McAfee Community for peer-to-peer and expert product support. Enjoy these benefits with a free membership:

    • Get helpful solutions from McAfee experts.
    • Stay connected to product conversations that matter to you.
    • Participate in product groups led by McAfee employees.
    Join the Community
    Join the Community