in DLP Device Control i have configured a storage device rule for blocking usb storage devices.
I've configured following parameters:
bus type: USB
Filesystem type: exfat, fat, fat16, fat32, NTFS
This works fine.
Now i want to configure exceptions for some devices.
Usually i use the serial number of the device for the DLP device definition.
This works fine also.
The problem is now - some devices have no valid device serial numbers because
they contains some &'s and so on.
I've tryed using the device-instance-id and device name and others but no success result.
Anyway, the devices which i want to permit are no junk-devices like cheap usb sticks or so.
There are expensive dictation devices for example.
Is that somehow manageable now??
Maybe you can help me
Device Instance ID would be the best way to identify these devices. What happened when you tried to use them?
McAfee DLPe TierIII
So. I understand that you want to make an exception for an USB device.
Step 1. Create a plug and play general USB device definition.
Step 2. Block it with an device rule.
Step 3. After the blocking event reaches the DLP monitor go there and export the device parameters in a .csv file
Step 4. Go on DLP policy and create a plug and play definition importing the file that you've just created.
Step 5. Add this new created device as a exception on the device rule used on step 2.
Hope it helps,
Message was edited by: bogdan.clej on 12/6/12 3:31:34 PM EET