This content has been marked as final. Show 5 replies
Can anyone from mcafee or anyone at all offer some help
Can you please describe how and where you defined the device definitions and rules. Also check if rules defined by assigment group or by computers in ePO policy.
Ill can try to help to you.
The device definitions were defined in the Device Definitions category in Device Management, similiarly Device Rules were defined in the Device Definition category in Device Management.
Device definitions were defined as follows Bus type and CD/DVD drives were chosen as the selected parameters. Only USB was selected in the Bus type parameter.
Device Definitions were defined as follows. Step 1: The device definition rules from above was included.
Step 2: Block (online\offline); Monitor (online\offline) and Notify user (online\offline) were selected.
Step 3: Was left blank initally with just the privileged user set up by user account. The drives were not being blocked. A User Assignment group was then set up and used, it was set up by group as defined by Active Directory.
Basically mistake with McAfee DLP is method of enforcement.
You need to decide wich one more effective for you - computer or users/group enforcement.
If you try to use both, the resoult is conflict and policy not work.
My advice - start from beginning. Delete device rules and Assignment groups. Recreate rules.
1. For computer enforcement - leave "Assignment groups" empty (skip it) and create policy for DLP agent in policy catalog. Select the created rules and apply policy for selected computers or group.
2. For AD user/group enforcenent - select "Assignment group" in Device rule creation wizard, click apply button in DLP management interface and NOT!!! change policy for DLP Agent.
3. Make wakeup for clients.
PS: Changes madden in "Agent Global configuration" enforced just after client reboot.
I just evaluate DLP and find quite diffcult to start with.
The product guide may not be a good starting point.
It descript every screen items in the policy manager.
Is there any step by step guide for beginner to try on setting up some basic infrastructure?