cancel
Showing results for 
Search instead for 
Did you mean: 
st_john
Level 7

EEFF\EERM Exclusions

We are deploying EEFF 4.2 to only encrypt USB devices. I realize that DLP has more capabilities for handling various devices. However, I would like to know how far I can get with EEFF\EERM alone. Are there any resources for exempting phones, tablets, ereaders, etc by manufacturer, for example Apple? I have EEFF deployed and the EPO logs show 700 devices so far. I can get a list of current devices from an EPO query, example below.

USBSTOR\Disk&Ven_Apple&Prod_iPod&Rev_1.70\serial_number

Since others have already deployed I was just wondering what resources were available to help with this. Otherwise I guess I am just monitoring, gathering devices and exempting.

This has been pushed up in the queue by Management so I under the gun to get it moving.

0 Kudos
1 Reply
nchakrap
Level 11

Re: EEFF\EERM Exclusions

"Device exemption” feature is based on the DeviceID (Device Instance Path), and devices are exempted based on a substring match.You can configure any search patterns or device IDs.

For instance if the Device ID was identified as USBSTOR\DISK&VEN_KINGSTON&PROD_DATATRAVELER_G3&REV_1.00\001CC0EC321DFBC0B7172686&0,any of the below strings will exempt the device from being encrypted

  • KINGSTON -> Would exempt all KINGSTON devices including the one above
  • DATATRAVELER -> would exclude all DATATRAVELER models including one above. The MAKE may or may not be KINGSTON
  • G3 -> Any device with G3 would beexcluded including the one above
  • DISK&VEN_KINGSTON&PROD_DATATRAVELER_G3&REV_1.00  and so on….

 

For more information, refer to the articles below :

How to exempt devices by Vendor : https://kc.mcafee.com/corporate/index?page=content&id=KB69770

How to exempt by Device IDs : https://kc.mcafee.com/corporate/index?page=content&id=KB75531

Hope this helps

0 Kudos