I have downloaded the trial of the DLP and successfully set it up into my existing ePO (5.3.0),
What I am now trying to achieve is just to monitor USB usage on our network, and more so I want to see file information about what is being transferred onto USB as we deal with many confidential documents and want to be protected from the inside against any data breach,
I am not sure if this product will do what I want as when I try set it up I can get it to work for making a USB key read only etc. but when I try to just monitor a USB it does not record the evidence so to speak or prompt me with a message like it would if I set the action to block the copy instead!
I just want to check if others have tried to set up a policy to do this, and how they have gotten on,
And also in my evidence folder which I now have set up, there are folders with 2 letter/number names and then inside a file with a random name ending in a .dlpenc extension,
Can I ask how do I view or open these to see if the correct information I need is being captured,
If you need any further information to this query please let me know
Figured this myself a while back!
I had a blank classification put in from a demo I had created - didn't know this could be set as all data in the classification field after going through everything else 5 times over!
Then I figured all evidence data is read from that format into the DLP incident manager - well you learn from you mistakes! I hope this can help somebody!