4 Replies Latest reply on Sep 12, 2014 5:07 AM by ninjaneer68

    Mass storage Devices Rules

    ayubniazi

      Hi,

       

      i hve created 02 groups of users in my domain; a) Restricted Users, Mass  storage is blocked for this user group, b) previllaged Users that can use mass  storage.

       

      now what i need to configure is that ;

       

      ( i )          Restricted users can never use mass storage

      (ii )          Previllaged users can use only  mass storage devices that are  registered with DLP (with Serial Numbers).

      ( iii )        To monitor the data being transfered from Mass storage devices  to computers or from computers to mass storage devices by previllaged users.

       

      any help in this regards will be appriciated.....

       

       

       

      best regards

        • 1. Re: Mass storage Devices Rules

          Hi,

           

          You can use the following configuration :-

           

          1) For privileged users:-

                    Create Removable storage Device rule

                         Include all Removable storage Devices

                         Exclude the ones that you want to allow.

                    Create a Removable storage protection rule

                         Monitor action     (This will monitor all files being copied to all removable storage devices)

          2) For restricted users :-

                    Create a Removable Storage Device Rule

                             Include all Removable Storage Devices

                              Block

           

           

          Hope I could help.

           

          J.L.

          • 2. Re: Mass storage Devices Rules
            ayubniazi

            thnx Jayant Lakhotia

            • 3. Re: Mass storage Devices Rules
              ninjaneer68

              I know this is an old question but here is another way to get this to work

               

              Create 2 User Assignment Groups (UAG)

              UAG1 (this needs to be all in one UAG) Unclude all Domain Users, Exlude Allowed USB Users

              UAG2 Include Allowed USB Users

               

              Create Device Definitions

              DD1 - All USB Devices

              DD2 - Allowed USB Devices

               

              Create 2 Rules

               

              Rule 1 - Include DD1, BLOCK, Add UAG1

              Rule 2 - Iinclude DD1, Exlude DD3, BLOCK, Add UAG2

               

              This will block all USB devices to everyone and exclud the allowed users

              The 2nd Rule is to monitor the allowed users, it will only allow the USBs with serial numbers and block all other USB's from them.

               

              Hope this helps

              • 4. Re: Mass storage Devices Rules
                ninjaneer68

                does the Removable storage protection rule only work in Full DLP ? Does it work on DCM license ?