3 Replies Latest reply on Jan 18, 2011 2:06 PM by j.hawes

    DLP Consistently inconsistent in application of USBSTOR rule

      I have an implementation of HDLP on ePO 4.5 to restrict USB thumb drive access to only two specific brand and models.


      My rule was created to identify both specific Verbatim encrypted USB drives by VID:PID, and apply the rule to a list of users brought in from Active Directory.


      In some cases, a restricted user logs in, inserts an unapproved drive and it is blocked.. Rule works asa designed.  When the same user inserts an approved encrypted drive, they can access the "cd-drive" portion and log into the drive.  Everything works as originally designed.


      However, this behavior is not consistant.  Another user logs into the same workstation. His login is also in the restricted user list, but he attempts to use an authorized encrypted drive.  On insertion of the USB drive into the port, everything looks the same as the previous scenario. The user can access the "cd-drive" portion, and when the software starts, the user gets an immediate block message, and now has no access to the "approved" encrypted drive.


      Both of these users are in the restricted user group within ePO DLP, and the enabled radio button is checked, which should force the full rule to apply to both users.


      I am baffled why the rule would work for some users but not others on the same workstation.


      Any ideas?