3 Replies Latest reply on May 30, 2011 10:53 PM by tonyw

    Fail to block tagging files write into CD/DVD

      I created the removable storage protection rule, it block the files in file server move to removable storage.


      USB, Floppy can be blocked, but CD/DVD fail to be blocked.

        • 1. Re: Fail to block tagging files write into CD/DVD

          Please refer to KB53598 which describes why it can't block cd/dvd writing.


          From the KB article at https://kc.mcafee.com/corporate/index?page=content&id=KB53598:


          McAfee recommends that you create a device rule and make the CD drives read-only.


          It is not possible to block using a reaction rule that is triggered from burning software such as:

          • Nero
          • Roxio
          • Windows built-in burning functionality.

          The reason for this relates to how the CD burning software builds the data to be written and because of the manner in which those applications choose to organize the data before burning, which makes Data Loss Prevention unable to block that data using an Application Reaction rule.


          Data Loss Prevention does provide tagging and monitoring via a burner application reaction rule, just not blocking functionality. This feature has limited functionality but does exist in Roxio versions 6-8.

          • 2. Re: Fail to block tagging files write into CD/DVD

            Thanks for your reply. How to create a rule to monitor the tagging file write into CD/DVD via burner application reaction rule. I am using DLP 9.0 and ePO4.5, there is no "burner application reaction rule" BTW, Is there any work around method to block the tagging file?


            消息编辑者为:ivanlee on 11年5月30日 上午01時25分31秒
            • 3. Re: Fail to block tagging files write into CD/DVD

              Under protection rules there is an option under application definitions for media burner applications but as the KB stated, this will only have limited functionality unless using Roxio v6-8.


              If you want to block the file from being written and aren't concerned with the limit of not being able to read from cd/dvd media, create a plug and play device rule to block cd/dvd drives.  The drive won't be seen in Windows and can't be read from or written to.