It only scan USB when it is in use and scan for particular files only like while reading from disk or writing to disk.
This policy you can configure under Policy catlog->On access default process policy( under scan items you will find option to scan files)
you can not perform a full scan when we insert the USB stick??
we already discussed this with some customers. We spoke about the McAfee Strategy and the technical options for the customer.
Just a question, do you mean -> blocking the USB Drive unti it is scanned?? This is not possible, and neither, not in the product design.
1) if VSE is configured to scan on Read, any file is scanned automatically.
2) if "compressed files" is acticated, these files are also scanned.The question is, how about 1TB disks, and if they are connected to USB 2.0 and there are many files on it. Such a scan runs really long, until the device is available for the user.
- How about 1TB disks, and if they are connected to USB 2.0 and there are many files on the disk. This takes really long, until the device is available for the enduser until all files are scanned.
3) Device Control can be used the block any executable code to be executed directly from the removeable storage
4) With TIE and HDLP you can block access to your data if the PE does not have a minimum reputation level in the TIE database.
Finally, just a question, why the USB sticks should be scanned on insertion?? What should be the goal with this approach?