3 Replies Latest reply: Apr 29, 2013 12:57 AM by virgona RSS

    Creating Device Rules that do not block each other out


      Hello McAfee community,


      I am currently configuring our DLP 9.2 agent to be deployed for the first time and i am coming across a couple of  issues while creating the removable storage rules.


      We have a lock down all USB's policy due to the sensitive nature of the data we have here. Anything that requires access is done by exception.


      The way i have approached it (which could be the wrong way) is to create a removable storage device definition group with everything that we wish to lock down (ie USB's). Then when we need to unlock a specific device i create a new rule, add in the definition group then using the device ID have that excluded from the rule and hey presto, USB's are locked down except for this particular device for the specific assignment group.


      This works great so long as no one is added to two different rules, otherwise each rule blocks the device that is being excluded by the other and nothing works!


      Is there any way around this problem?


      Thanks in advance,


      Paul Smith