If you want to understand yourself, you will need:
1. Find all device GUID on you endpoint devices: Menu - Reporting - Queries & Reports - tab Groups - McAfee Groups - Data Loss Prevention - Query name "DLP: Undefined Device Classes". It is correct for epo 5.1.1. and DLP Endpoint 9.3.4. If you have another epo/DLPE, print "Undefined Device Classes" in the fild "Quick find".
Click "Run" and see "Undefined Device Classes List".
2. You may add Undefined Device Classes List to DLPE - Device Management - Device Classes.
3.And make Device Definition: Add new - PnP Dev Def - Device Class (or something else).
To another question: see DLPE. You can see different rules. You can control only IE and FF. Not Chrome and others.
If you want, you may block all another applications. If you will block same prosesses like Safari in Windows testing!!! you rule, because safari use 2 exe files: safari,exe and ...
And let small remark. Your question is - how do I configure DLP study courses at McAfee. He is very big and the would be better if you set it more precisely. For example, I did a tune DLP policies, I have not worked this rule ... Help!
In continuation of its response will describe the lock send files via webmail:
1. Menu - Data Protection - DLP Policy.
2. Into DLP Policy go to Definitions - Web Destinations.
3. Click "Add new" tape any name (what name you want) and double click to this destination.
4. In WEB URL tape internet address: hotmail.com, mail.google.com end others.
If you add the whole site Google (google.com), you get a lot of messages, for example, if the user is viewing Google News, so you need to properly and accurately specify websites.
5. Content Protection - Protection Rules - Add new and select Web Post Protection Rule. Give it any name what you like.
6. Step 1 choose YOU WEB DESTINATION, steps 2-6 nothing (or check if you need), step 7 choose Reaction (Block, Monitor, Notify User - So you can test the rules), step 8 - choose User Group (or Check endpoint computers/laptops into epo).
7. Save you DLP Policy and Apply to EPO.
8. Apdate you policy from endpoint computerl/laptop or from epo.
Through Web destination and Web post protection rule we are blocking complete recipient mailing domain.I would like to block the attachment say name or the file content Confidential or Tender ..how to do that
As I understand, you want to block, not all files, but some files. Block must be specified file attributes.
1. DLP Policy - Definitions - Document Properties.
2. Add New and enter (type on the keyboard) name what you like.
3. Edit you new document properties. In Advanced properties you can enter any properties. I do not check all the possibilities of this setting, so you have to test yourself. Save any changes in document properties.
4. Go to you Web Post Protection Rule - step 5 - in Document Properties Definition Include or Exclude you Document Properties.
5. Save and Apply to epo.
And test you rule. Good luck.
Sounding good...will test and let you know difficulties if any.
Basically I wanted to block the attachment by two categories
- File Name
- File Type
I hope the suggested solution will fulfill the my requirement ..correct me if I am wrong
Some of my dell laptops E7440 and E7240 OS locked after the DLP 9.3 patch 4 removable storage device rule applied.
What should i do?