Hello all, we have implemented Mcafee dlp into our network to control usb device access at our company.
I am now adding dlp control for cd drives and have run into an issue - I created a removable storage device definition for CD/DVD drives and added it to our Device Rule. The rule is set to Block/Monitor/Notify when the cdrom device is detected.
What is happening with this rule is that when a user logs into their pc, the computer boots up and loads the cd/dvd drivers- At this point, Mcafee detects the cdrom device and the user receives the Mcafee device blocked notification.
However, say the user needs to use cd at some point throughout the day - When they put the cd in the cdrom, they no longer receive another dlp blocked message. The device access is blocked however.
I would need to have the dlp popup show when a cd is put into the machine so the user can enter a challenge code – Just like it works when a user plugs in a usb storage device.
What is the best way to go about this – To have the Mcafee dlp message popup when a cd is put into the computer.
From an overview, the rule seems to be working as intended, by blocking the device - but what I actually need is control over the cdrom media itself. Is there a better approach or different type of rule that should be used.