Mcafee Removable Media Control

Posted on by

Supported platforms, environments, and operating systems for. McAfee File and Removable Media. FRP does not support removable media encryption. McAfee+Embedded+Security+Solutions.jpg' alt='Mcafee File And Removable Media' title='Mcafee File And Removable Media' />How to Create a Removable Media Policy Mc. Afee Community. Introduction. We all know that a USB thumb drive is a very easy way for a user to copy data off a corporate computer. Whether by accident or on purpose, users sometimes move sensitive data to a USB drive and from there that data could end up anywhere. Mc. Afee DLPe 9. 4 provides a simple way to block the ability to copy data to a removable storage device and prevent users from moving files off a corporate computer. In this document, were just going to create a simple policy to block users from being able to write data to a USB Device, but still allow them to copy data from the usb drive to their computer. Video Demo. Create a Removable Media Policy. McAfee File and Removable Media Protection 4. Best Practices Guide 3. Contents. and provides a single point of control to protect. First, we are going to create a new DLP Policy and assign it to the default policy within the environment. To create a removable media DLP Policy, go to Menu Data Protection DLP Policy Manager. Here, well want be under the Rule Sets tab and create a New Rule Set by going to Actions New Rule Set. Well call this rule set Removable Device read only rule set. After the rule set is create, click on the Rule Set name, Removable Device read only rule set, and that will open up the DLP Rule Set configuration page. To create a new device control rule, click on the Device Control tab. Next, click on Actions New Rule Removable Storage Device Rule. Why+McAfee+Endpoint+Encryption.jpg' alt='Mcafee Control Console' title='Mcafee Control Console' />Mcafee File And Removable Media Protection UninstallLets start by naming it Removable Storage Read Only Rule. Right below, well want to set the state to enable and lets increase the severity to Minor. Now, in the Removable Storage section, click on the three dots on the first line. That will open up a new dialog box where you can specify the properties of the device for the rule. Well want to create a new device by clicking on New Item. For the name, enter USB Storage Device. Next, on the left hand side, click on Bus Type and use the drop down under Value to select USB. You can also narrow down the scope of the devices that you want to monitor or block by using the other options here, such as the USB Device Serial Number or VIDPID codes. Were just going to use a general USB device rule for now and click Save. Now we can see our USB Storage Device, so go ahead and check it and click Save. Next, well want to set the reactions by clicking on the Reactions tab. Here, under the Prevent Action, lets select Read Only. We can create a user notification by clicking on the three dots in the User Notification section. In the notification selection box, click on New Item. Premium Files From Upstore here. We can name this Removable Storage Notification under the Name section and well just put This removable Storage Device is configured to be read only. Just click Save and then select the newly created Removable Storage Notification and click OK when youre done. Lastly, check the Report Incident box so that we can see the incident in the Mc. Afee e. PO console. After thats all configured, click Save. We can now close the rule set with the close button in the bottom right. Assigning the rule. Next, well want to assign the rule set to a policy. In this example, Im going to assign this rule set to the default policy so that all of the machines with DLP installed will be affected. In your environment, you may want to assign it to a test policy. In the DLP Policy Manager, click on the Policy Assignment tab. Here, we can see which policies are assigned within the environment. Garmin Nuvi 260W Update. Click on Actions Assign a Rule Set to policies to bring up the policy assignment dialog box. Use the Drop down and select the Removable device read only rule set check the policy that you wish to assign this rule set to, then click OK. You can now see that theres a pending change. To apply this rule set, youll want to go to Actions Apply Selected Policies. In the dialog box that pops up, check the police to apply and click OK. Now, to test the policy, well first want to perform an agent wake up. Go to the system tree, find your test DLP system, check it, and click on Wake Up Agent. After the Agent has performed a Collect and Send Properties, we can test it out by plugging in a USB thumb drive. When we plug in the drive, itll notify us that the drive is set to read only mode. We can copy files off of it but when we try to copy a file onto the drive, itll give us an error. As you can see, Mc. Afee DLPe can help protect your organization by preventing users from accidentally or purposefully copying data to removable storage devices.