Where can I find some documents that can explain how to configure the dlp policy so I can be sure that everything I want is blocked except for the ones I approve?
Also, I've tried working with this tool - https://kc.mcafee.com/corporate/index?page=content&id=KB75040&actp=search&viewlo cale=en_US&searchid=1353340473618 but I have this error when I try open it: Failed to load SecurityService Module.
I feel like I'm missing something...
Does anybody know what is this error?
Thank you and have a nice day !!
1. What is the scope of your devices - MAss Storage. HID. CD Drives, ...etc.
Create Definition rule. Configure the device classes that you want to manage.
2. Device Rules
Create Device Rules - Monitor and Block
3. Type of Enforcement - AD User-based or Computer-based
User Based - Create groups in "User Assignment", add the users/groups and configure the the device rule.
computer Based - Policy Catalog -> DLP -> Computer Assigment Group. Create a new policy and configure the device rules.
4. Push DLP using the client task.
5. Monitor the events
Data Protection - DLP Monitor.
Thank you for your answer.
I know how to do the basic, but I'm asking about the rules - not how to make them. I want my network to be full protected, from anything that can be connected to the systems, but without harm the systems (like I can't block all USB connections).
I just need some tips how to secure my network, what rules are required.
no one can give you tips to secure your network because every network is different. i work in a financial organization and here we not only require usb blocking, we also need clipboard protection, email protection etc (many more rules which i have not mentioned)... im sure if yours is a small network / different organization, the requirement would be different than mine.
And always remember, there is no such thing called 100% security.
Ok looks like I have similar question here. I deployed DLP to one pc, installed and it is working. I can see it if I go to about and also on the EPO side. I created the DLP Policy, set up device definitions, created protection rules but the policy is not being sent to the computer? Am I missing something?