4 Replies Latest reply on Apr 17, 2015 6:10 AM by palex

    DLP how do I block MTP

    alexp01482

      Hi

       

      I'd like to be able to block MTP in DLP. I'm running version 9.3.300.16.

       

      I've read that you can block MTP using a Removable Storage Protection Rule, but I can't find any reference to it.

      Capture.PNG

       

      Am I being stupid? Can some point me in the right direction, just using small words please ;-)

       

      Cheers

       

      Alex

        • 1. Re: DLP how do I block MTP
          exbrit

          Moved to DLP for a faster response.

          ---

          Peter

          Moderator

          • 2. Re: DLP how do I block MTP
            palex

            Hi, alex01482!

            See Re: Blocking attchment sending through emails/webmails

            Removable Storage Protection Rule is in this window :-) This rule do not block MTP-Devices (it control copying files to MTP-devices)

            003.png

            You can block MTP-Devices with Device Control in this :

            002.png

            Regards.

            • 3. Re: DLP how do I block MTP
              alexp01482

              Thanks for the reply palex

               

              To Block MTP using device rules will I have to know the Device_Id for every make\model I want to block? That's not really workable given all the possible variations.

               

              In this link Blocking Non Removable Mass Storage Devices - What Do You Do?

               

              some contributors suggest that 9.3 natively supports the blocking of MTP devices.

              • 4. Re: DLP how do I block MTP
                palex

                Hi, alexp01482!

                 

                You do not need to enter the type and PID of all the devices to block them.

                First, using a DLP find all classes of devices that are in your network (there is a standard request in to the EPO). Then add the tab DLP Policy-Device Management-Device Classes (Windows only) all classes of devices, decide what you will control what is not. For example, attempts to control or lock the entire class of devices, such as controller USB lead to a blue screen of death on computers. Then make Device Definition. Turn back the device class that you want to monitor. Example, New device definition - PnP - USB Class code or Device Class.


                After that you need to make the Device rules. Do not forget that if you make a rule to protect, for example, blocking the smartphone, you must include a definition of the devices and to exclude other categories (Include one and Exclude another Device Definitions).


                Regards.