We recently added DLP to our McAfee instance to inhibit users from using external USB and FireWire devices, but have an exception policy where I add devices by either VID/PID, Device Serial Number, or Volume Number for devices which are allowed by managerial policy. All works great for cameras and any USB devices that are not encryptable, but when I add any devices which are FIPS compliant, I am not able to access these, no matter how I add them.
As an example, I have a BUSlink Ciphershield USB Device with VID 0CAF and PID 2773 here, but access is denied regardless of whether I add this device through VID/PID, only VID, or Device Serial Number, Device Instance ID, or even device name.
Does anyone have a suggestion as to how I can add such devices to the policy so that they are accessible for users?
Any help will be greatly appreciated.
Let me add that this particular device includes hardware encryption, a firewire key which plugs in to the front of the drive. There is no change in VID/PID or any other information on a machine on which DLP is not installed and where the drive is accessible.
Message was edited by: kmcin11 on 6/11/13 7:04:19 PM CDT
Message was edited by: kmcin11 on 6/12/13 1:03:39 AM CDT