2 Replies Latest reply on May 11, 2010 1:59 PM by PedroPete3

    Blocking USB Storage Devices

      I am looking at DLP to implement the blocking of unknown/unauthorised USB storage devices.

       

      I thought that I could have one rule that blocked ALL devices, followed by another rule that allowed KNOWN devices that we had already defined.

      That way all new/unknown devices would be blocked until I specifically allowed them.

       

      However, if I understand correctly, the BLOCK ALL rule will override the ALLOW KNOWN rule, as block rules take precedence over allow rules and there is no way of making

      them hierarchical.

       

      I'm sure this is a standard thing to want to do, so can someone point me in the right direction?

       

      Adrian Lodge

      Eastleigh Borough Council

        • 1. Re: Blocking USB Storage Devices

          Create two rules as follows: Rule 1: All Devices included and Approved Devices excluded (remember to do this in the same rule). Select block / read only as a reaction.

          Rule 2: Include only the approved devices. Select monitor as the reaction

           

          Rule 1 meets your requirement whereas Rule 2 monitors approved device usage.

          • 2. Re: Blocking USB Storage Devices

            Is anyone else having trouble getting SanDisk U3 devices to be read only?  I created the rules above as described, but I can still write to the SanDisk U3 device.  The rules do block other USB devices though.  Do I need to block all SanDisk U3 devices?