1 Reply Latest reply on Feb 12, 2014 12:05 PM by Naveen Chakrapani

    EEFF\EERM Exclusions

    st_john

      We are deploying EEFF 4.2 to only encrypt USB devices. I realize that DLP has more capabilities for handling various devices. However, I would like to know how far I can get with EEFF\EERM alone. Are there any resources for exempting phones, tablets, ereaders, etc by manufacturer, for example Apple? I have EEFF deployed and the EPO logs show 700 devices so far. I can get a list of current devices from an EPO query, example below.

       

      USBSTOR\Disk&Ven_Apple&Prod_iPod&Rev_1.70\serial_number

       

      Since others have already deployed I was just wondering what resources were available to help with this. Otherwise I guess I am just monitoring, gathering devices and exempting.

       

      This has been pushed up in the queue by Management so I under the gun to get it moving.

        • 1. Re: EEFF\EERM Exclusions
          Naveen Chakrapani

          "Device exemption” feature is based on the DeviceID (Device Instance Path), and devices are exempted based on a substring match.You can configure any search patterns or device IDs.

           

          For instance if the Device ID was identified as USBSTOR\DISK&VEN_KINGSTON&PROD_DATATRAVELER_G3&REV_1.00\001CC0EC321DFBC0B7172686 &0,any of the below strings will exempt the device from being encrypted

          • KINGSTON -> Would exempt all KINGSTON devices including the one above
          • DATATRAVELER -> would exclude all DATATRAVELER models including one above. The MAKE may or may not be KINGSTON
          • G3 -> Any device with G3 would beexcluded including the one above
          • DISK&VEN_KINGSTON&PROD_DATATRAVELER_G3&REV_1.00  and so on….

           

          For more information, refer to the articles below :

          How to exempt devices by Vendor : https://kc.mcafee.com/corporate/index?page=content&id=KB69770

          How to exempt by Device IDs : https://kc.mcafee.com/corporate/index?page=content&id=KB75531

           

          Hope this helps