Who Me Too'd this topic

cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Who Me Too'd this topic

Former Member
Not applicable
Report Inappropriate Content

DLP 11 device blocking issues

I've spent hours with support and have come to a roadblock with DLP 11 for device control. It's possible support will still come back with a solution, but it's not looking good.

We currently use DLP 9.3 and I've been working to get DLP 11 configured and working in the same manner. My requirement is to block all devices that can get data off our systems, so all USB Drives, SD Cards, Bluetooth, etc. And be able to add exceptions when needed. Because our old policies were so cumbersome I decided to start from scratch with the policies/rules.

This has been working under DLP 9.3. While configuring and testing DLP 11 I ran into an issue a few weeks ago (still an issue now in part) where it claims to block an SD Card on our Dell Latitude E7440s (Windows 10), but in fact it's not blocking the card. I'd be happy and would prefer to block the actual card reader on all systems, but that existing rule set provided by McAfee DLP is unreliable. I've spent many hours with support (Tier 2) trying to get the SD card to be blocked. We've run their DLP monitoring tool to try to get every byte of information possible to actually block it.

We've tried both Removable Storage Device rules and Plug and Play Device rules, they either did nothing, or claimed to block but didn't actually block. Finally, we created a rule that works. It's a removable storage device rule with the Bus type as SCSI and the Device Instance ID is SCSI\Disk&Ven_&Prod_SD&Rev_0001\.

I then explained my concerns about how long it took to find the right rule logic to block this SD Card, and the possibility of there being other False blocks for other SD Cards or USB Devices. I was told it's possible there are other False blocks, so I'd need to thorough testing aon all system types and many SD cards and USB drives. And then there's the possibility of a new SD Card or USB Drive arriving on the market, that happens to have this false block issue.

I need DLP 11 to actually block things without jumping through 50 hops and trust it to block future removable devices. So, any ideas? I'm frustrated with DLP 11 to say the least.

Who Me Too'd this topic

Community Help Hub

    New to the forums or need help finding your way around the forums? There's a whole hub of community resources to help you.

  • Find Forum FAQs
  • Learn How to Earn Badges
  • Ask for Help
Go to Community Help

Join the Community

    Thousands of customers use the McAfee Community for peer-to-peer and expert product support. Enjoy these benefits with a free membership:

  • Get helpful solutions from McAfee experts.
  • Stay connected to product conversations that matter to you.
  • Participate in product groups led by McAfee employees.
Join the Community
Join the Community