3 Replies Latest reply: Aug 23, 2013 12:26 AM by Manish KS RSS

    DLP system based policies

    Hemant Koli

      Hello Everyone.


      I am using DLP & i have configured DLP policies to block USB(Mass Storage) & CD/DVD. I have applied this policy to everyone(User Based). User abc is a part of everyone.

      Now if i have created a computer asignment group using policy catalog & i have unchecked all the rules & asigned to a system xyz. User abc logs in to system xyz, so the devices which were blocked by DLP policy will be accessible OR not? as we have configured the system based policy to unblock the devices for system xyz.


      Thanks in Advance.

        • 1. Re: DLP system based policies

          Hello Hemant,


          As per your query only there should be no user in system base policy. you have to create one more policy to unblock the system and check that in assigned policy in system tree acording to your need that for system or for group


          hope this will help to reslove your query please post the query if you have any doubt.

          • 2. Re: DLP system based policies

            The most restrictive rules will be in effect.

            • 3. Re: DLP system based policies
              Manish KS

              HI Hemant,


              As you said you have user based dlp policy to block the Storage / CD DVD which is applied to everyone (all domain users), then why do you need again to apply that policy besd on system? If you want any user to not be effected by that policy you can simply exclude that username or if you are only bother about that system you can log in on that system as local user instead of domain user.  If you log in as domain user  the most restrictive rules will be in effect. as Vimal said and the storage device will get block.