Steps to add an exclusion for encryption applications that reside on USB drives:
Apply the policy by clicking Actions, Apply Selected Policies and select the appropriate policy. Click the Exceptions tab, and then click the Excluded Device Templates section, next to Removable Storage is one of (OR), click the Selection box (gray box with 3 dots) button and select Excluded Drives. On the Device Control tab, select the Block All USB Drives Removable Storage Device Rule created in Solution 1. Go back to DLP Policy Manager, click the Rule Set tab, and click the Rule set created in Solution 1, Step 18. Leave the Comparison set to Equals and add the Vendor ID (VID) and Product ID (PID) gathered in the previous steps. Expand Device Control and select Device Templates. In the DLP Policy Manager, click the Definitions tab. Return to the DLP Policy Manager in the ePO console to perform the following steps: This entry is used again in step 8 of the following procedure. Click the Details tab and look for one of the following entries in the drop-down list:. Right-click the device found in the Computer Management list, and click Properties. Typically, the additions display under Storage volumes, but they can also display in Disk Drives or similar locations. Look for any additions that display in the Computer Management list. At the top of the Computer Management window, click the View menu option and select Show hidden devices. Right-click My Computer, and select Manage. Click Start, Run, type explorer, and click OK. Steps to add an exclusion for specific USB drives authorized for use: If no new Rule Set was created, navigate to the Policy Assignment tab in the DLP Policy Manager and apply the appropriate policy. If a new Rule Set was created, select Activate the Rule Set in DLP Policy in the Policy Catalog. Under the Computer disconnected from the corporate network section, leave the Prevent Action set to React the same way as connected system. Configure User Notification and Report Incident as appropriate. Click the Reaction tab and select Block under the Prevent Action drop-down list. In Removable Storage, select Block USB Drives in the context menu. 
Select the appropriate users to assign the rule. Name the rule Block All USB drives Removable Storage Device Rule. In the selected Rule Set, click Device Control, Actions, New Rule, Removable Storage Device Rule. Create a Rule Set or open an existing Rule Set. Add the Bus Type property and change the value to USB. Add Block USB drives to the name of the definition. 
Click Actions, New Item, Removable Storage Device Template. In Definitions, click Device Control, Device Templates. Click Menu, Data Protection, DLP Policy Manager. Steps to block all USB drives using DLP Endpoint:
0 kommentar(er)
