@g,

that is something i am looking at now as this is being discussed specifically with a client as the Samsung phones use the MTP along with the tablets. we are seeing what we can do as a 64 gig sd card or a phone can copy out a lot of data and you will never know it. Do you have SEP, as we are looking @ both to find out which one gives us the best solution.

Is there a program on the endpoint devices that enables the MTP transfer? If so, you can find out the executable and create an application monitoring profile for the endpoints.

This si the same approach that was there when it came to Bluetooth.

Ronak

Did you guys find an executable for MTP or Bluetooth? I am also interested in this.

The bluetooth executable is already in the DLP platform. It is called Microsoft Windows Bluetooth and is already registered in the Application Monitoring (fsquirt.exe).

I am not sure about the MTP transfer

MTP registry : C:\Windows\inf\wpdmtp.inf

MTP Application : WudfHost.exe

Based on my Question thread : https://www-secure.symantec.com/connect/forums/block-confidential-data-mobile-device-androidblackberryiphone

Thanks

I found that MTP used WudfHost.exe for Protocol in Windows. I think we can registered in the Application Monitoring and add WudfHost.exe to monitor.

cause i don't have any Lab, can someone try this for me ?

Thanks